mirrors/Xray-core
1
0
Fork 0
mirror of https://github.com/XTLS/Xray-core.git synced 2025-04-29 16:58:34 +00:00
Code Issues Projects Releases Packages Wiki Activity

Fix DoS attack vulnerability in CommandSwitchAccountFactory

Browse source
This commit is contained in:
Shelikhoo 2021-12-05 19:15:38 +00:00 committed by yuhan6665
parent 4fc284a8e9
commit 6fb5c887b2
2 changed files with 22 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
proxy/vmess/encoding/commands.go
View file

@ -139,7 +139,7 @@ func (f *CommandSwitchAccountFactory) Unmarshal(data []byte) (interface{}, error
}
cmd.Level = uint32(data[levelStart])
timeStart := levelStart + 1
if len(data) < timeStart {
if len(data) < timeStart+1 {
return nil, newError("insufficient length.")
}
cmd.ValidMin = data[timeStart]