Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8162760

Bug in SocksSocketImpl

    XMLWordPrintable

    Details

    • Subcomponent:
    • CPU:
      generic
    • OS:
      generic

      Description

      FULL PRODUCT VERSION :


      ADDITIONAL OS VERSION INFORMATION :
      Linux 4.4.0-31-generic #50-Ubuntu SMP Wed Jul 13 00:07:12 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

      A DESCRIPTION OF THE PROBLEM :
      Client Proxy SOCKS works only with IPv4, in SocksSocketImpl try read zero-bytes (0 bits) IPv6 (IPv6 has 16 bytes) and zero bytes DOMAIN_NAME

      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      Change zero byte of array IPv6 to 16 bytes.

      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      Class SocksSocketImpl (look only at 523 line and 534):

              switch (data[1]) {
              case REQUEST_OK:
                  // success!
                  switch(data[3]) {
                  case IPV4:
                      addr = new byte[4];
                      i = readSocksReply(in, addr, deadlineMillis);
                      if (i != 4)
                          throw new SocketException("Reply from SOCKS server badly formatted");
                      data = new byte[2];
                      i = readSocksReply(in, data, deadlineMillis);
                      if (i != 2)
                          throw new SocketException("Reply from SOCKS server badly formatted");
                      break;
                  case DOMAIN_NAME:
                      len = data[1]; //LINE 523 <------------------ should read one byte with length
                      byte[] host = new byte[len];
                      i = readSocksReply(in, host, deadlineMillis);
                      if (i != len)
                          throw new SocketException("Reply from SOCKS server badly formatted");
                      data = new byte[2];
                      i = readSocksReply(in, data, deadlineMillis);
                      if (i != 2)
                          throw new SocketException("Reply from SOCKS server badly formatted");
                      break;
                  case IPV6:
                      len = data[1]; //LINE 534 <-------------------- should be 16
                      addr = new byte[len];
                      i = readSocksReply(in, addr, deadlineMillis);
                      if (i != len)
                          throw new SocketException("Reply from SOCKS server badly formatted");
                      data = new byte[2];
                      i = readSocksReply(in, data, deadlineMillis);
                      if (i != 2)
                          throw new SocketException("Reply from SOCKS server badly formatted");
                      break;
                  default:
                      ex = new SocketException("Reply from SOCKS server contains wrong code");
                      break;
                  }
                  break;
      ACTUAL -
      Class SocksSocketImpl (look only at 523 line and 534):

              switch (data[1]) {
              case REQUEST_OK:
                  // success!
                  switch(data[3]) {
                  case IPV4:
                      addr = new byte[4];
                      i = readSocksReply(in, addr, deadlineMillis);
                      if (i != 4)
                          throw new SocketException("Reply from SOCKS server badly formatted");
                      data = new byte[2];
                      i = readSocksReply(in, data, deadlineMillis);
                      if (i != 2)
                          throw new SocketException("Reply from SOCKS server badly formatted");
                      break;
                  case DOMAIN_NAME:
                      len = data[1]; //LINE 523 <------------------ should read one byte with length
                      byte[] host = new byte[len];
                      i = readSocksReply(in, host, deadlineMillis);
                      if (i != len)
                          throw new SocketException("Reply from SOCKS server badly formatted");
                      data = new byte[2];
                      i = readSocksReply(in, data, deadlineMillis);
                      if (i != 2)
                          throw new SocketException("Reply from SOCKS server badly formatted");
                      break;
                  case IPV6:
                      len = data[1]; //LINE 534 <-------------------- should be 16
                      addr = new byte[len];
                      i = readSocksReply(in, addr, deadlineMillis);
                      if (i != len)
                          throw new SocketException("Reply from SOCKS server badly formatted");
                      data = new byte[2];
                      i = readSocksReply(in, data, deadlineMillis);
                      if (i != 2)
                          throw new SocketException("Reply from SOCKS server badly formatted");
                      break;
                  default:
                      ex = new SocketException("Reply from SOCKS server contains wrong code");
                      break;
                  }
                  break;

      REPRODUCIBILITY :
      This bug can be reproduced always.

      ---------- BEGIN SOURCE ----------
      Proxy p = new Proxy(Proxy.Type.SOCKS, inetAddr);
      Socket s = new Socket(p);
      s.connect(ipv6); //or unresolved InetSocketAddress
      ---------- END SOURCE ----------

      CUSTOMER SUBMITTED WORKAROUND :
      Create own implementatin proxy

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              psonal Pallavi Sonal (Inactive)
              Reporter:
              webbuggrp Webbug Group
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: