From d513ae115b41eaeeae12d0ec90682f36572c6d87 Mon Sep 17 00:00:00 2001
From: tako <77hhx8urn@mozmail.com>
Date: Fri, 20 Oct 2023 09:54:41 +0800
Subject: [PATCH 1/6] fix: Fix slice out-of-bounds issues in ParseUDPMessage.
---
 core/internal/protocol/proxy.go | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/core/internal/protocol/proxy.go b/core/internal/protocol/proxy.go
index 19f52f2..87d1b65 100644
--- a/core/internal/protocol/proxy.go
+++ b/core/internal/protocol/proxy.go
@@ -212,6 +212,9 @@ func ParseUDPMessage(msg []byte) (*UDPMessage, error) {
 return nil, errors.ProtocolError{Message: "invalid address length"}
 }
 bs := buf.Bytes()
+ if len(bs) < int(lAddr) {
+ return nil, errors.ProtocolError{Message: "message length mismatch"}
+ }
 m.Addr = string(bs[:lAddr])
 m.Data = bs[lAddr:]
 return m, nil
From 131306b72b8a81fb455eb37539293ec4a8df2114 Mon Sep 17 00:00:00 2001
From: Toby
Date: Thu, 19 Oct 2023 19:30:45 -0700
Subject: [PATCH 2/6] fix: tweak
---
 core/internal/protocol/proxy.go | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/core/internal/protocol/proxy.go b/core/internal/protocol/proxy.go
index 87d1b65..4a78fc2 100644
--- a/core/internal/protocol/proxy.go
+++ b/core/internal/protocol/proxy.go
@@ -212,8 +212,9 @@ func ParseUDPMessage(msg []byte) (*UDPMessage, error) {
 return nil, errors.ProtocolError{Message: "invalid address length"}
 }
 bs := buf.Bytes()
- if len(bs) < int(lAddr) {
- return nil, errors.ProtocolError{Message: "message length mismatch"}
+ if len(bs) <= int(lAddr) {
+ // We use <= instead of < here as we expect at least one byte of data after the address
+ return nil, errors.ProtocolError{Message: "invalid message length"}
 }
 m.Addr = string(bs[:lAddr])
 m.Data = bs[lAddr:]
From dfa95811e890f2aa7ca0e47dfeb15adbd694436b Mon Sep 17 00:00:00 2001
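Review bot: The new guard in ParseUDPMessage converts with `int(lAddr)` before comparing, so it is only sound if the earlier "invalid address length" check, which sits above this hunk and is not visible here, already bounds lAddr. If lAddr is an unsigned 64-bit value, as the conversion suggests, comparing in the unsigned domain keeps the check correct on its own: `if uint64(len(bs)) < lAddr {`. The same conversion remains in the 2/6 version of this line. The diffstat shows only proxy.go changed, so a regression test that feeds a message whose declared address length exceeds the bytes remaining would be worth adding with the fix.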
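Review bot: With `<=` the parser now rejects a message whose payload is empty, which is a behaviour change beyond the bounds fix in 1/6: a zero-length UDP datagram is legal, so a peer relaying one would now get "invalid message length". The inline comment states the expectation but not where it comes from. If the protocol forbids empty data, say so in the function's doc comment and confirm the sending side enforces it too; otherwise keep `<` and let `m.Data` be empty. The subject "fix: tweak" gives no hint of this change, and the function starts and ends outside the hunk.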
From: Toby
Date: Thu, 19 Oct 2023 19:53:51 -0700
Subject: [PATCH 3/6] feat: quic-go v0.39.1
---
 app/go.mod | 2 +-
 app/go.sum | 4 ++--
 core/go.mod | 2 +-
 core/go.sum | 4 ++--
 extras/go.mod | 2 +-
 extras/go.sum | 4 ++--
 6 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/app/go.mod b/app/go.mod
index 5bb04e0..00fb452 100644
--- a/app/go.mod
+++ b/app/go.mod
@@ -18,7 +18,7 @@ require (
 )
 require (
- github.com/apernet/quic-go v0.39.1-0.20231011033454-52db2775486f // indirect
+ github.com/apernet/quic-go v0.39.2-0.20231020024223-8002a2f97703 // indirect
 github.com/babolivier/go-doh-client v0.0.0-20201028162107-a76cff4cb8b6 // indirect
 github.com/davecgh/go-spew v1.1.1 // indirect
 github.com/fsnotify/fsnotify v1.6.0 // indirect
diff --git a/app/go.sum b/app/go.sum
index bfb8562..9e8ddbc 100644
--- a/app/go.sum
+++ b/app/go.sum
@@ -40,8 +40,8 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/apernet/go-tproxy v0.0.0-20230809025308-8f4723fd742f h1:uVh0qpEslrWjgzx9vOcyCqsOY3c9kofDZ1n+qaw35ZY= github.com/apernet/go-tproxy v0.0.0-20230809025308-8f4723fd742f/go.mod h1:xkkq9D4ygcldQQhKS/w9CadiCKwCngU7K9E3DaKahpM= -github.com/apernet/quic-go v0.39.1-0.20231011033454-52db2775486f h1:h8DPiFzBfRyrsf6ZSdusyw+eDT3qrMEUkp0O06uL3R4= -github.com/apernet/quic-go v0.39.1-0.20231011033454-52db2775486f/go.mod h1:UwsoszQlzTm+dBDuFEwWBYt46K56WqlFEN0RWLvQ0rE= +github.com/apernet/quic-go v0.39.2-0.20231020024223-8002a2f97703 h1:BLyttelGGoJVL6eqQdXBSq57GUMh+1qzlMxEtmVuAHY= +github.com/apernet/quic-go v0.39.2-0.20231020024223-8002a2f97703/go.mod h1:UwsoszQlzTm+dBDuFEwWBYt46K56WqlFEN0RWLvQ0rE= github.com/babolivier/go-doh-client v0.0.0-20201028162107-a76cff4cb8b6 h1:4NNbNM2Iq/k57qEu7WfL67UrbPq1uFWxW4qODCohi+0= github.com/babolivier/go-doh-client v0.0.0-20201028162107-a76cff4cb8b6/go.mod h1:J29hk+f9lJrblVIfiJOtTFk+OblBawmib4uz/VdKzlg= github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
diff --git a/core/go.mod b/core/go.mod
index 9f1ecf6..8c2adb7 100644
--- a/core/go.mod
+++ b/core/go.mod
@@ -3,7 +3,7 @@ module github.com/apernet/hysteria/core
 go 1.21
 require (
- github.com/apernet/quic-go v0.39.1-0.20231011033454-52db2775486f
+ github.com/apernet/quic-go v0.39.2-0.20231020024223-8002a2f97703
 github.com/stretchr/testify v1.8.4
 go.uber.org/goleak v1.2.1
 golang.org/x/exp v0.0.0-20221205204356-47842c84f3db
diff --git a/core/go.sum b/core/go.sum
index 227ca11..03d3264 100644
--- a/core/go.sum
+++ b/core/go.sum
@@ -1,5 +1,5 @@ -github.com/apernet/quic-go v0.39.1-0.20231011033454-52db2775486f h1:h8DPiFzBfRyrsf6ZSdusyw+eDT3qrMEUkp0O06uL3R4= -github.com/apernet/quic-go v0.39.1-0.20231011033454-52db2775486f/go.mod h1:UwsoszQlzTm+dBDuFEwWBYt46K56WqlFEN0RWLvQ0rE= +github.com/apernet/quic-go v0.39.2-0.20231020024223-8002a2f97703 h1:BLyttelGGoJVL6eqQdXBSq57GUMh+1qzlMxEtmVuAHY= +github.com/apernet/quic-go v0.39.2-0.20231020024223-8002a2f97703/go.mod h1:UwsoszQlzTm+dBDuFEwWBYt46K56WqlFEN0RWLvQ0rE= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
diff --git a/extras/go.mod b/extras/go.mod
index f4c7556..5fc8cc1 100644
--- a/extras/go.mod
+++ b/extras/go.mod
@@ -14,7 +14,7 @@ require (
 )
 require (
- github.com/apernet/quic-go v0.39.1-0.20231011033454-52db2775486f // indirect
+ github.com/apernet/quic-go v0.39.2-0.20231020024223-8002a2f97703 // indirect
 github.com/davecgh/go-spew v1.1.1 // indirect
 github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
 github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38 // indirect
diff --git a/extras/go.sum b/extras/go.sum
index 559d42b..a8cafb3 100644
--- a/extras/go.sum
+++ b/extras/go.sum
@@ -1,5 +1,5 @@ -github.com/apernet/quic-go v0.39.1-0.20231011033454-52db2775486f h1:h8DPiFzBfRyrsf6ZSdusyw+eDT3qrMEUkp0O06uL3R4= -github.com/apernet/quic-go v0.39.1-0.20231011033454-52db2775486f/go.mod h1:UwsoszQlzTm+dBDuFEwWBYt46K56WqlFEN0RWLvQ0rE= +github.com/apernet/quic-go v0.39.2-0.20231020024223-8002a2f97703 h1:BLyttelGGoJVL6eqQdXBSq57GUMh+1qzlMxEtmVuAHY= +github.com/apernet/quic-go v0.39.2-0.20231020024223-8002a2f97703/go.mod h1:UwsoszQlzTm+dBDuFEwWBYt46K56WqlFEN0RWLvQ0rE= github.com/babolivier/go-doh-client v0.0.0-20201028162107-a76cff4cb8b6 h1:4NNbNM2Iq/k57qEu7WfL67UrbPq1uFWxW4qODCohi+0= github.com/babolivier/go-doh-client v0.0.0-20201028162107-a76cff4cb8b6/go.mod h1:J29hk+f9lJrblVIfiJOtTFk+OblBawmib4uz/VdKzlg= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
From 13c63cdfaf9985000ce13280312756e62b189047 Mon Sep 17 00:00:00 2001
From: Toby
Date: Thu, 19 Oct 2023 20:07:30 -0700
Subject: [PATCH 4/6] ci: upload releases to download.hysteria.network
---
 .github/workflows/release.yml | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 8c9b7c9..05bc489 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -16,6 +16,10 @@ jobs:
 - name: Check out
 uses: actions/checkout@v4
+ - name: Get version
+ id: get_version
+ run: echo "version=$(git describe --tags --always --match 'app/v*' | sed -n 's|app/\([^/-]*\)\(-.*\)\{0,1\}|\1|p')" >> $GITHUB_OUTPUT
+
 - name: Setup Go
 uses: actions/setup-go@v4
 with:
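Review bot: The Get version step succeeds even when it produces an empty string: `sed -n '…p'` prints nothing if the `git describe` output contains no `app/` prefix (for example the bare commit hash that `--always` falls back to when no `app/v*` tag is reachable), and the step's exit status is that of `echo`. The value is used later in this commit to build the upload destination, so an empty one would send release files to the bare `app/` prefix. Compute it into a variable first and fail early: `version=$(…)`, then `[ -n "$version" ] || { echo "no app/v* tag found" >&2; exit 1; }`, then `echo "version=$version" >> "$GITHUB_OUTPUT"`. Whether the checkout step fetches tags is not visible in these context lines, so that is worth confirming too.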
@@ -46,11 +50,20 @@ jobs:
 sha256sum $file >> build/hashes.txt
 done
- - name: Upload
+ - name: Upload GitHub
 uses: softprops/action-gh-release@v1
 with:
 files: build/*
+ - name: Upload CF bucket
+ uses: shallwefootball/upload-s3-action@v1.3.3
+ with:
+ aws_key_id: ${{ secrets.CF_KEY_ID }}
+ aws_secret_access_key: ${{ secrets.CF_KEY }}
+ aws_bucket: "https://bea223c61d5a41250d127bd67f51dfec.r2.cloudflarestorage.com/hydownload"
+ source_dir: "build"
+ destination_dir: "app/{{ steps.get_version.outputs.version }}"
+
 - name: Publish to API
 run: |
 export HY_API_POST_KEY=${{ secrets.HY2_API_POST_KEY }}
From c72884f30c6ec7cbd0eedc86e5478fe5978bdd5c Mon Sep 17 00:00:00 2001
From: Toby
Date: Thu, 19 Oct 2023 21:27:25 -0700
Subject: [PATCH 5/6] ci: fix s3 upload
---
 .github/workflows/release.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 05bc489..d4336ae 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -60,7 +60,8 @@ jobs:
 with:
 aws_key_id: ${{ secrets.CF_KEY_ID }}
 aws_secret_access_key: ${{ secrets.CF_KEY }}
- aws_bucket: "https://bea223c61d5a41250d127bd67f51dfec.r2.cloudflarestorage.com/hydownload"
+ aws_bucket: "hydownload"
+ endpoint: "https://bea223c61d5a41250d127bd67f51dfec.r2.cloudflarestorage.com/hydownload"
 source_dir: "build"
 destination_dir: "app/{{ steps.get_version.outputs.version }}"
From ee6ae941f48fbfffcb1e2a577e875a13569bc75a Mon Sep 17 00:00:00 2001
From: Toby
Date: Thu, 19 Oct 2023 21:45:16 -0700
Subject: [PATCH 6/6] ci: fix s3 upload 2
---
 .github/workflows/release.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index d4336ae..13b50ad 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
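Review bot: The new upload step hands the bucket credentials (`secrets.CF_KEY_ID`, `secrets.CF_KEY`) to a third-party action referenced by a mutable tag, `shallwefootball/upload-s3-action@v1.3.3`; if that tag is ever moved, the replacement code runs with write access to the download bucket. Pin it to a full commit SHA and keep the version as a trailing comment, e.g. `uses: shallwefootball/upload-s3-action@<full-commit-sha> # v1.3.3`. It is also worth scoping the storage token to object writes on this one bucket. The same pinning applies to `softprops/action-gh-release@v1` in the context lines and to the later edits of this step in 5/6 and 6/6. Because `build/hashes.txt` is uploaded alongside the binaries it describes, it detects corruption but not a tampered bucket.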
@@ -61,9 +61,9 @@ jobs:
 aws_key_id: ${{ secrets.CF_KEY_ID }}
 aws_secret_access_key: ${{ secrets.CF_KEY }}
 aws_bucket: "hydownload"
- endpoint: "https://bea223c61d5a41250d127bd67f51dfec.r2.cloudflarestorage.com/hydownload"
+ endpoint: "https://bea223c61d5a41250d127bd67f51dfec.r2.cloudflarestorage.com/"
 source_dir: "build"
- destination_dir: "app/{{ steps.get_version.outputs.version }}"
+ destination_dir: "app/${{ steps.get_version.outputs.version }}"
 - name: Publish to API
 run: |