mirror of
https://github.com/debauchee/barrier.git
synced 2024-12-23 02:51:42 +03:00
lib/server: Close connection when client app-level handshake fails
This fixes the following security vulnerability: - CVE-2021-42075 DoS via file descriptor exhaustion The issue has been reported by Matthias Gerstner <mgerstner@suse.de>.
This commit is contained in:
parent
00e182d22e
commit
deefecc262
@ -0,0 +1,6 @@
|
||||
SECURITY ISSUE
|
||||
|
||||
Barrier will now correctly close connections when the app-level handshake fails (fixes CVE-2021-42075).
|
||||
|
||||
Previously repeated failing connections would leak file descriptors leading to Barrier being unable
|
||||
to receive new connections from clients.
|
@ -194,6 +194,11 @@ ClientListener::handleUnknownClient(const Event&, void* vclient)
|
||||
new TMethodEventJob<ClientListener>(this,
|
||||
&ClientListener::handleClientDisconnected,
|
||||
client));
|
||||
} else {
|
||||
auto* stream = unknownClient->getStream();
|
||||
if (stream) {
|
||||
stream->close();
|
||||
}
|
||||
}
|
||||
|
||||
// now finished with unknown client
|
||||
|
Loading…
Reference in New Issue
Block a user