Skip to content
This repository has been archived by the owner on Aug 29, 2023. It is now read-only.

fix: "invalid ip address" "daemon can be crashed by remote user" #96

Merged
merged 1 commit into from
Jul 31, 2018
Merged

fix: "invalid ip address" "daemon can be crashed by remote user" #96

merged 1 commit into from
Jul 31, 2018

Conversation

TomCoded
Copy link
Contributor

Hello maintainers! I saw the remote vulnerability from js-ipfs #1447
and hunted it down. Are there any problems with or possible
improvements to this proposed solution? I believe it will also resolve
js-libp2p-tcp issue #93

Cheers,

Tom

--

Per the nodeJS documentation, a Net socket.remoteAddress value may
be undefined if the socket is destroyed, as by a client disconnect.
A multiaddr cannot be created for an invalid IP address (such as
the undefined remote address of a destroyed socket). Currently
the attempt results in a crash that can be triggered remotely. This
commit terminates processing of a destroyed socket before multiaddr
causes the crash.

fixes: #93
fixes: ipfs/js-ipfs#1447

@TomCoded TomCoded force-pushed the fix-93 branch 2 times, most recently from b458077 to 9370155 Compare July 23, 2018 05:19
@alanshaw alanshaw requested a review from jacobheun July 29, 2018 09:06
jacobheun
jacobheun suggested changes Jul 30, 2018
View reviewed changes
Copy link
Contributor

@jacobheun jacobheun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for hunting this down and for the PR @TomCoded! It looks like the core issue is multiaddr not getting the information it needs. For resiliency I think it might be better to wrap the internals of getMultiaddr with a try-catch and then repeat your failed socket logic if the returned addr doesn't exist. That way if the remote data is still bad from multiaddr's point of view, we're still handling the error.

If you could add some tests around the getMultiaddr function showing the catch working, that would be very appreciated.

@TomCoded TomCoded force-pushed the fix-93 branch 2 times, most recently from a4d7fe1 to 6010e59 Compare July 31, 2018 01:54
@TomCoded
fix: invalid ip address and daemon can be crashed by remote user
4fb70be 
Per the nodeJS documentation, a Net socket.remoteAddress value may
be undefined if the socket is destroyed, as by a client disconnect.
A multiaddr cannot be created for an invalid IP address (such as
the undefined remote address of a destroyed socket). Currently
the attempt results in a crash that can be triggered remotely. This
commit catches the exception in get-multiaddr and returns an
undefined value to listener rather than throwing an exception when
trying to process defective or destroyed socket data. Listener then
terminates processing of the incoming p2p connections that generate
this error condition.

fixes: libp2p#93
fixes: ipfs/js-ipfs#1447
@TomCoded
Copy link
Contributor Author

Happy to help @jacobheun! Changed to a try-catch block in get-multiaddr, which should catch any other errors that result in a socket multiaddr can't handle.

@jacobheun jacobheun merged commit 4b04b17 into libp2p:master Jul 31, 2018
@jacobheun
Copy link
Contributor

Looks good! Thanks again @TomCoded! I'll get a release out shortly.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@jacobheun jacobheun jacobheun approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Daemon can be crashed by remote user Random "Error: invalid ip address" crash
2 participants
@TomCoded @jacobheun