From 0cf5087852b375e0885aa4a650d270eb9779935e Mon Sep 17 00:00:00 2001
From: Darien Raymond <admin@v2ray.com>
Date: Fri, 27 Jan 2017 13:42:31 +0100
Subject: [PATCH] fix auth reader buffer overrun

---
 common/crypto/auth.go | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/common/crypto/auth.go b/common/crypto/auth.go
index 54cad60c6..39ca8543b 100644
--- a/common/crypto/auth.go
+++ b/common/crypto/auth.go
@@ -15,6 +15,7 @@ var (
 
 	errInsufficientBuffer = errors.New("Insufficient buffer.")
 	errInvalidNonce       = errors.New("Invalid nonce.")
+	errInvalidLength      = errors.New("Invalid buffer size.")
 )
 
 type BytesGenerator interface {
@@ -79,10 +80,14 @@ type AuthenticationReader struct {
 	aggressive bool
 }
 
+const (
+	readerBufferSize = 32 * 1024
+)
+
 func NewAuthenticationReader(auth Authenticator, reader io.Reader, aggressive bool) *AuthenticationReader {
 	return &AuthenticationReader{
 		auth:       auth,
-		buffer:     buf.NewLocal(32 * 1024),
+		buffer:     buf.NewLocal(readerBufferSize),
 		reader:     reader,
 		aggressive: aggressive,
 	}
@@ -96,6 +101,9 @@ func (v *AuthenticationReader) NextChunk() error {
 	if size > v.buffer.Len()-2 {
 		return errInsufficientBuffer
 	}
+	if size > readerBufferSize-2 {
+		return errInvalidLength
+	}
 	if size == v.auth.Overhead() {
 		return io.EOF
 	}