fix possible infinite loop issue for socks proxy

neevek · neevek · commit 90dd94cd9e28 · 2025-02-22T18:46:57.000+08:00
diff --git a/src/server.rs b/src/server.rs
@@ -637,6 +637,11 @@ impl Server {
                     .map_err(|_: Elapsed| ProxyError::Timeout)?
                     .map_err(|_| ProxyError::BadRequest)?;
 
+            if nread == 0 {
+                error!("invalid request");
+                return Err(ProxyError::BadRequest);
+            }
+
             if proxy_handler.is_none() {
                 proxy_handler = Some(Self::create_proxy_handler(
                     &params.proto,
diff --git a/src/socks/socks_proxy_handler.rs b/src/socks/socks_proxy_handler.rs
@@ -14,6 +14,8 @@ use std::{
 };
 use tokio::{io::AsyncWriteExt, net::TcpStream};
 
+const SOCKS_MAX_RETRY_COUNT: u8 = 20;
+
 #[derive(PartialEq, Debug)]
 pub(crate) enum InternalParseState {
     SelectMethod,
@@ -26,6 +28,7 @@ pub struct SocksProxyHandler {
     bnd_addr: SocketAddr,
     state: InternalParseState,
     target_addr: Option<NetAddr>,
+    retry_count: u8,
 }
 
 impl SocksProxyHandler {
@@ -39,6 +42,7 @@ impl SocksProxyHandler {
                 SocksVersion::V4 => InternalParseState::SelectedMethod,
             },
             target_addr: None,
+            retry_count: 0,
         }
     }
 
@@ -220,7 +224,17 @@ impl ProxyHandler for SocksProxyHandler {
             return ParseState::ReceivedRequest(self.target_addr.as_ref().unwrap());
         }
 
-        ParseState::Pending
+        self.retry_count += 1;
+
+        if self.retry_count >= SOCKS_MAX_RETRY_COUNT {
+            error!(
+                "unexpected socks request failed with retry count: {}",
+                self.retry_count
+            );
+            self.fail_with_resp()
+        } else {
+            ParseState::Pending
+        }
     }
 
     async fn handle(
diff --git a/src/socks/socks_resp_parser.rs b/src/socks/socks_resp_parser.rs
@@ -10,7 +10,6 @@ pub(crate) enum State {
     SelectMethod,
     IdentifyingMethod,
     Connect,
-    Connecting,
     NegotiationCompleted,
     ErrorOccurred(SocksError),
 }
@@ -67,7 +66,6 @@ impl SocksRespParser {
         }
 
         if self.state == State::Connect {
-            self.state = State::Connecting;
             let bytes = self.buffer.as_bytes();
             let resp_size = bytes.len();
 

Original file line number	Diff line number	Diff line change
`@@ -10,7 +10,6 @@ pub(crate) enum State {`
`10`	`10`	`SelectMethod,`
`11`	`11`	`IdentifyingMethod,`
`12`	`12`	`Connect,`
`13`		`- Connecting,`
`14`	`13`	`NegotiationCompleted,`
`15`	`14`	`ErrorOccurred(SocksError),`
`16`	`15`	`}`
`@@ -67,7 +66,6 @@ impl SocksRespParser {`
`67`	`66`	`}`
`68`	`67`
`69`	`68`	`if self.state == State::Connect {`
`70`		`- self.state = State::Connecting;`
`71`	`69`	`let bytes = self.buffer.as_bytes();`
`72`	`70`	`let resp_size = bytes.len();`
`73`	`71`