mirror of
https://git.zx2c4.com/wireguard-go
synced 2024-11-15 01:05:15 +01:00
4eab21a7b7
RoutineReadFromTUN can trigger a call to SendStagedPackets. SendStagedPackets attempts to protect against sending on the encryption queue by checking peer.isRunning and device.isClosed. However, those are subject to TOCTOU bugs.

If that happens, we get this:

    goroutine 1254 [running]:
    golang.zx2c4.com/wireguard/device.(*Peer).SendStagedPackets(0xc000798300)
            .../wireguard-go/device/send.go:321 +0x125
    golang.zx2c4.com/wireguard/device.(*Device).RoutineReadFromTUN(0xc000014780)
            .../wireguard-go/device/send.go:271 +0x21c
    created by golang.zx2c4.com/wireguard/device.NewDevice
            .../wireguard-go/device/device.go:315 +0x298

Fix this with a simple, big hammer: Keep the encryption queue alive as long as it might be written to.

Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
||
---|---|---|
.. | ||
alignment_test.go | ||
allowedips_rand_test.go | ||
allowedips_test.go | ||
allowedips.go | ||
bind_test.go | ||
channels.go | ||
constants.go | ||
cookie_test.go | ||
cookie.go | ||
device_test.go | ||
device.go | ||
devicestate_string.go | ||
endpoint_test.go | ||
indextable.go | ||
ip.go | ||
kdf_test.go | ||
keypair.go | ||
logger.go | ||
misc.go | ||
mobilequirks.go | ||
noise_test.go | ||
noise-helpers.go | ||
noise-protocol.go | ||
noise-types.go | ||
peer.go | ||
pools_test.go | ||
pools.go | ||
queueconstants_android.go | ||
queueconstants_default.go | ||
queueconstants_ios.go | ||
race_disabled_test.go | ||
race_enabled_test.go | ||
receive.go | ||
send.go | ||
sticky_default.go | ||
sticky_linux.go | ||
timers.go | ||
tun_test.go | ||
tun.go | ||
uapi.go | ||
version.go |