From 33fa1c362ae80938354aaa43eec39f4826c4489a Mon Sep 17 00:00:00 2001 From: beerpsi Date: Sun, 31 Dec 2023 14:21:12 +0700 Subject: [PATCH] Fixes some buffer overflow waiting to happen --- chuniio/src/servers/android.c | 12 +++++------- chuniio/src/servers/ios.c | 2 +- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/chuniio/src/servers/android.c b/chuniio/src/servers/android.c index 78e9c91..42b7f61 100644 --- a/chuniio/src/servers/android.c +++ b/chuniio/src/servers/android.c @@ -15,8 +15,6 @@ #include "servers/common.h" #include "socket.h" -#define BUFSIZ 512 - bool tcp_mode = true; uint16_t server_port = 52468; @@ -193,7 +191,7 @@ unsigned int __stdcall input_recv_thread_proc(void *v) { uint8_t real_len; while (!atomic_load(&ctx->exit_flag)) { - char buffer[BUFSIZ]; + char buffer[96]; if (!tcp_mode) { /** @@ -202,7 +200,7 @@ unsigned int __stdcall input_recv_thread_proc(void *v) { remaining data is discarded **/ - if ((recv_len = recvfrom(sock, buffer, BUFSIZ - 1, 0, NULL, NULL)) == -1) { + if ((recv_len = recvfrom(sock, buffer, 96, 0, NULL, NULL)) == -1) { continue; } @@ -243,7 +241,7 @@ unsigned int __stdcall input_recv_thread_proc(void *v) { } real_len = buffer[0]; - packet_len = real_len + 1; + packet_len = real_len + 1; // 1 for the packet length while (recv_len < packet_len) { const int read = @@ -308,7 +306,7 @@ unsigned int __stdcall input_recv_thread_proc(void *v) { memcmp(buffer + 1, "CON", 3) == 0) { const struct PacketConnect *pkt = (struct PacketConnect *)buffer; - get_socks_address(pkt, ctx->remote_address, BUFSIZ - 1, &ctx->remote_port); + get_socks_address(pkt, ctx->remote_address, 40, &ctx->remote_port); print_err("[Android: INFO] Device %s:%d connected.\n", ctx->remote_address, ctx->remote_port); 
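Review bot: The literal `96` is now written separately at `char buffer[96];` and in the `recvfrom` call of the following hunk (and a third time in ios.c), so the receive bound and the buffer size can drift apart the next time either is edited. Tie the call to the object instead, `recvfrom(sock, buffer, sizeof buffer, 0, NULL, NULL)`, and if both servers share a packet format, give the size one named constant in a shared header. The old call passed `BUFSIZ - 1`, which left one spare byte. If any code outside these hunks treats `buffer` as a NUL-terminated string, a full 96-byte datagram no longer leaves room for the terminator.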
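Review bot: `real_len` is a `uint8_t` read from `buffer[0]`, so `packet_len = real_len + 1` can reach 256 while `buffer` is now only 96 bytes, and the `while (recv_len < packet_len)` loop keeps reading until that many bytes have arrived. The read call inside the loop is cut off by the hunk, so this is inferred, but if it stores at `buffer + recv_len`, a length byte above 95 from the peer would write past the end of the stack buffer; the previous 512-byte buffer masked this. A guard before the loop such as `if (packet_len > sizeof buffer)` that rejects the packet would close the gap. On the TCP path the stream is no longer in sync after a bad length, so closing the connection is safer than skipping ahead.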
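Review bot: The length `40` passed to `get_socks_address` here, and to `memset` in the next hunk, is a hand-copied size for `ctx->remote_address`, whose declaration is not visible in this patch. If that member is an array, using `sizeof ctx->remote_address` in both places keeps the bound correct when the struct changes: `get_socks_address(pkt, ctx->remote_address, sizeof ctx->remote_address, &ctx->remote_port);` and `memset(ctx->remote_address, 0, sizeof ctx->remote_address);`. It is also worth confirming that `get_socks_address` always NUL-terminates within the given length, because the result is passed to `%s` in `print_err` and to `strlen` in the disconnect path.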
@@ -326,7 +324,7 @@ unsigned int __stdcall input_recv_thread_proc(void *v) { if (strlen(ctx->remote_address)) { print_err("[Android: INFO] Device %s:%d disconnected.\n", ctx->remote_address, ctx->remote_port); - memset(ctx->remote_address, 0, BUFSIZ); + memset(ctx->remote_address, 0, 40); } if (tcp_mode) { diff --git a/chuniio/src/servers/ios.c b/chuniio/src/servers/ios.c index 20f4283..e774aa4 100644 --- a/chuniio/src/servers/ios.c +++ b/chuniio/src/servers/ios.c @@ -75,7 +75,7 @@ unsigned int __stdcall ios_input_recv_thread_proc(void *v) { bool air_enabled = true; while (!atomic_load(&ctx->exit_flag)) { - char buffer[BUFSIZ]; + char buffer[96]; int status; uint32_t read;