RanchiMall/fcoin
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

wsproxy: stricter validation.

Browse Source
This commit is contained in:
Christopher Jeffrey 2017-01-16 15:03:45 -08:00
parent bcde9d59a7
commit ac7f194c4d
No known key found for this signature in database
GPG Key ID: 8962AB9DE6666BBD
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
browser/wsproxy.js
View File

@ -86,6 +86,12 @@ WSProxy.prototype._handleResolve = function _handleResolve(ws, name, record, cal
return;
}
if (record !== 'A' && record !== 'AAAA') {
this.log('Client sent a bad record type: %s.', record);
ws.disconnect();
return;
}
if (!NAME_REGEX.test(name) || name.length > 200) {
this.log('Client sent a bad domain: %s.', name);
ws.disconnect();
@ -143,8 +149,8 @@ WSProxy.prototype._handleConnect = function _handleConnect(ws, port, host, nonce
}
}
if (!/^[a-zA-Z0-9\.:\-]+$/.test(host)) {
this.log('Client gave a bad host (%s).', state.host);
if (IP.version(host) === -1) {
this.log('Client gave a bad host: %s (%s).', host, state.host);
ws.emit('tcp error', {
message: 'EHOSTUNREACH',
code: 'EHOSTUNREACH'