1
0
mirror of https://github.com/v2fly/v2ray-core.git synced 2025-01-17 23:06:30 -05:00

Fix unsafe math rand usage

This commit is contained in:
Shelikhoo 2024-03-13 19:23:06 +00:00 committed by Xiaokang Wang (Shelikhoo)
parent 94fa391dfe
commit 04275b6991
3 changed files with 18 additions and 3 deletions

View File

@ -3,6 +3,10 @@
package dice
import (
crand "crypto/rand"
"github.com/v2fly/v2ray-core/v5/common"
"io"
"math/big"
"math/rand"
"time"
)
@ -15,6 +19,17 @@ func Roll(n int) int {
return rand.Intn(n)
}
// RollWith returns a non-negative number between 0 (inclusive) and n (exclusive).
// Use random as the random source, if read fails, it panics.
func RollWith(n int, random io.Reader) int {
if n == 1 {
return 0
}
mrand, err := crand.Int(random, big.NewInt(int64(n)))
common.Must(err)
return int(mrand.Int64())
}
// Roll returns a non-negative number between 0 (inclusive) and n (exclusive).
func RollDeterministic(n int, seed int64) int {
if n == 1 {

View File

@ -5,8 +5,8 @@ import (
"crypto/cipher"
cryptoRand "crypto/rand"
"encoding/binary"
"github.com/v2fly/v2ray-core/v5/common/dice"
"io"
"math/rand"
"time"
"github.com/v2fly/v2ray-core/v5/common"
@ -62,7 +62,7 @@ func (t *TCPRequest) EncodeTCPRequestHeader(effectivePsk []byte,
paddingLength := TCPMinPaddingLength
if initialPayload == nil {
initialPayload = []byte{}
paddingLength += 1 + rand.Intn(TCPMaxPaddingLength) // TODO INSECURE RANDOM USED
paddingLength += 1 + dice.RollWith(TCPMaxPaddingLength, cryptoRand.Reader)
}
variableLengthHeader := &TCPRequestHeader3VariableLength{

View File

@ -101,7 +101,7 @@ func (c *ClientSession) EncodeRequestHeader(header *protocol.RequestHeader, writ
common.Must(buffer.WriteByte(c.responseHeader))
common.Must(buffer.WriteByte(byte(header.Option)))
paddingLen := dice.Roll(16)
paddingLen := dice.RollWith(16, rand.Reader)
security := byte(paddingLen<<4) | byte(header.Security)
common.Must2(buffer.Write([]byte{security, byte(0), byte(header.Command)}))