From f1fcdfc2467753cc0f1ba3f48a64401395cba9af Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Fri, 17 Jul 2020 08:29:03 +0200
Subject: mod_proxy65: Limit dump of invalid data to 300 bytes (like mod_c2s)

---
 plugins/mod_proxy65.lua | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'plugins')

diff --git a/plugins/mod_proxy65.lua b/plugins/mod_proxy65.lua
index aacf6309..bac36b55 100644
--- a/plugins/mod_proxy65.lua
+++ b/plugins/mod_proxy65.lua
@@ -44,7 +44,7 @@ function listener.onincoming(conn, data)
 		end -- else error, unexpected input
 		conn:write("\5\255"); -- send (SOCKS version 5, no acceptable method)
 		conn:close();
-		module:log("debug", "Invalid SOCKS5 greeting received: %q", data);
+		module:log("debug", "Invalid SOCKS5 greeting received: %q", data:sub(1, 300));
 	else -- connection request
 		--local head = string.char( 0x05, 0x01, 0x00, 0x03, 40 ); -- ( VER=5=SOCKS5, CMD=1=CONNECT, RSV=0=RESERVED, ATYP=3=DOMAIMNAME, SHA-1 size )
 		if #data == 47 and data:sub(1,5) == "\5\1\0\3\40" and data:sub(-2) == "\0\0" then
@@ -66,7 +66,7 @@ function listener.onincoming(conn, data)
 		else -- error, unexpected input
 			conn:write("\5\1\0\3\0\0\0"); -- VER, REP, RSV, ATYP, BND.ADDR (sha), BND.PORT (2 Byte)
 			conn:close();
-			module:log("debug", "Invalid SOCKS5 negotiation received: %q", data);
+			module:log("debug", "Invalid SOCKS5 negotiation received: %q", data:sub(1, 300));
 		end
 	end
 end
-- 
cgit v1.2.3