This repository has been archived by the owner on Feb 12, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1.3k
Daemon can be crashed by remote user #1447
Labels
exp/wizard
Extensive knowledge (implications, ramifications) required
kind/bug
A bug in existing code (including security flaws)
P1
High: Likely tackled by core team if no one steps up
Comments
alanshaw
added
kind/bug
A bug in existing code (including security flaws)
exp/wizard
Extensive knowledge (implications, ramifications) required
status/ready
Ready to be worked
P1
High: Likely tackled by core team if no one steps up
labels
Jul 17, 2018
TomCoded
added a commit
to TomCoded/js-libp2p-tcp
that referenced
this issue
Jul 23, 2018
Per the nodeJS documentation, a Net socket.remoteAddress value may be undefined if the socket is destroyed, as by a client disconnect. A multiaddr cannot be created for an invalid IP address (such as the undefined remote address of a destroyed socket). Currently the attempt results in a crash that can be triggered remotely. This commit terminates processing of a destroyed socket before multiaddr causes the crash. fixes: libp2p#93 fixes: ipfs/js-ipfs#1447
TomCoded
added a commit
to TomCoded/js-libp2p-tcp
that referenced
this issue
Jul 23, 2018
Per the nodeJS documentation, a Net socket.remoteAddress value may be undefined if the socket is destroyed, as by a client disconnect. A multiaddr cannot be created for an invalid IP address (such as the undefined remote address of a destroyed socket). Currently the attempt results in a crash that can be triggered remotely. This commit terminates processing of a destroyed socket before multiaddr causes the crash. fixes: libp2p#93 fixes: ipfs/js-ipfs#1447
TomCoded
added a commit
to TomCoded/js-libp2p-tcp
that referenced
this issue
Jul 23, 2018
Per the nodeJS documentation, a Net socket.remoteAddress value may be undefined if the socket is destroyed, as by a client disconnect. A multiaddr cannot be created for an invalid IP address (such as the undefined remote address of a destroyed socket). Currently the attempt results in a crash that can be triggered remotely. This commit terminates processing of a destroyed socket before multiaddr causes the crash. fixes: libp2p#93 fixes: ipfs/js-ipfs#1447
alanshaw
added
status/in-progress
In progress
and removed
status/ready
Ready to be worked
labels
Jul 29, 2018
TomCoded
added a commit
to TomCoded/js-libp2p-tcp
that referenced
this issue
Jul 31, 2018
Per the nodeJS documentation, a Net socket.remoteAddress value may be undefined if the socket is destroyed, as by a client disconnect. A multiaddr cannot be created for an invalid IP address (such as the undefined remote address of a destroyed socket). Currently the attempt results in a crash that can be triggered remotely. This commit catches the exception in get-multiaddr and returns an undefined value to listener rather than throwing an exception when trying to process defective or destroyed socket data. Listener then terminates processing of the incoming p2p connections that generate this error condition. fixes: libp2p#93 fixes: ipfs/js-ipfs#1447
TomCoded
added a commit
to TomCoded/js-libp2p-tcp
that referenced
this issue
Jul 31, 2018
Per the nodeJS documentation, a Net socket.remoteAddress value may be undefined if the socket is destroyed, as by a client disconnect. A multiaddr cannot be created for an invalid IP address (such as the undefined remote address of a destroyed socket). Currently the attempt results in a crash that can be triggered remotely. This commit catches the exception in get-multiaddr and returns an undefined value to listener rather than throwing an exception when trying to process defective or destroyed socket data. Listener then terminates processing of the incoming p2p connections that generate this error condition. fixes: libp2p#93 fixes: ipfs/js-ipfs#1447
TomCoded
added a commit
to TomCoded/js-libp2p-tcp
that referenced
this issue
Jul 31, 2018
Per the nodeJS documentation, a Net socket.remoteAddress value may be undefined if the socket is destroyed, as by a client disconnect. A multiaddr cannot be created for an invalid IP address (such as the undefined remote address of a destroyed socket). Currently the attempt results in a crash that can be triggered remotely. This commit catches the exception in get-multiaddr and returns an undefined value to listener rather than throwing an exception when trying to process defective or destroyed socket data. Listener then terminates processing of the incoming p2p connections that generate this error condition. fixes: libp2p#93 fixes: ipfs/js-ipfs#1447
jacobheun
pushed a commit
to libp2p/js-libp2p-tcp
that referenced
this issue
Jul 31, 2018
Per the nodeJS documentation, a Net socket.remoteAddress value may be undefined if the socket is destroyed, as by a client disconnect. A multiaddr cannot be created for an invalid IP address (such as the undefined remote address of a destroyed socket). Currently the attempt results in a crash that can be triggered remotely. This commit catches the exception in get-multiaddr and returns an undefined value to listener rather than throwing an exception when trying to process defective or destroyed socket data. Listener then terminates processing of the incoming p2p connections that generate this error condition. fixes: #93 fixes: ipfs/js-ipfs#1447
libp2p-tcp 0.12.1 has been released and should resolve the crash. |
This was referenced Sep 15, 2021
This was referenced Jan 15, 2024
This was referenced Jan 16, 2024
This was referenced Feb 11, 2024
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
exp/wizard
Extensive knowledge (implications, ramifications) required
kind/bug
A bug in existing code (including security flaws)
P1
High: Likely tackled by core team if no one steps up
Type: Bug
Severity:
Description:
The below program coded by C language crashes remote js-ipfs daemon. It just connects with
a daemon (by TCP) and directly closes the connection with RST(reset) flag. It needs IP address and port of remote daemon.
Steps to reproduce the error:
I run the program with
and crashed by error like below
The text was updated successfully, but these errors were encountered: