mirror of https://github.com/v2ray/v2ray-core
96dc2c1c81
This fix addresses a potential denial-of-service (DoS) vector that can cause an integer overflow in the presence of malicious WebSocket frames. The fix adds additional checks against the remaining bytes on a connection, as well as a test to prevent regression. Credit to Max Justicz (https://justi.cz/) for discovering and reporting this, as well as providing a robust PoC and review. * bugfix: fix DoS vector caused by readLimit bypass * bugfix: payload length 127 should read bytes as uint64 * bugfix: defend against readLength overflows |
||
|---|---|---|
| .dev/protoc | ||
| .github | ||
| .vscode | ||
| app | ||
| common | ||
| external | ||
| features | ||
| infra | ||
| main | ||
| proxy | ||
| release | ||
| testing | ||
| transport | ||
| .gitignore | ||
| LICENSE | ||
| README.md | ||
| WORKSPACE | ||
| annotations.go | ||
| azure-pipelines.template.yml | ||
| azure-pipelines.yml | ||
| config.go | ||
| config.pb.go | ||
| config.proto | ||
| context.go | ||
| context_test.go | ||
| core.go | ||
| errors.generated.go | ||
| functions.go | ||
| functions_test.go | ||
| go.mod | ||
| go.sum | ||
| mocks.go | ||
| proto.go | ||
| v2ray.go | ||
| v2ray_test.go | ||
README.md
Project V
Project V is a set of network tools that help you to build your own computer network. It secures your network connections and thus protects your privacy. See our website for more information.
License
Credits
This repo relies on the following third-party projects:
- In production:
- For testing only: