Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x/net/proxy: Failed SOCKS5 connection causes file descriptor leakage #27630

Closed
magisterquis opened this issue Sep 11, 2018 · 2 comments
Closed

x/net/proxy: Failed SOCKS5 connection causes file descriptor leakage #27630

magisterquis opened this issue Sep 11, 2018 · 2 comments
Labels
FrozenDueToAge

Comments

@magisterquis
Copy link

What version of Go are you using (go version)?

go version go1.11 openbsd/amd64

Does this issue reproduce with the latest release?

Yes.

What operating system and processor architecture are you using (go env)?

GOARCH="amd64"
GOBIN=""
GOCACHE="/home/stuart/.cache/go-build"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="openbsd"
GOOS="openbsd"
GOPATH="/home/stuart/go"
GOPROXY=""
GORACE=""
GOROOT="/home/stuart/.go/1.11"
GOTMPDIR=""
GOTOOLDIR="/home/stuart/.go/1.11/pkg/tool/openbsd_amd64"
GCCGO="gccgo"
CC="gcc"
CXX="g++"
CGO_ENABLED="0"
GOMOD=""
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -fmessage-length=0"

What did you do?

Made a connection attempt via a SOCKS5 proxy to a port on which a host wasn't listening.

package main

import (
        "log"
        "time"

        "golang.org/x/net/proxy"
)

func main() {
        /* Create a dialer to localhost:5555 */
        d, err := proxy.SOCKS5("tcp", "localhost:5555", nil, proxy.Direct)
        if nil != err {
                panic(err)
        }

        /* Try to connect 10 times to a non-existent listener */
        for i := 0; i < 10; i++ {
                c, err := d.Dial("tcp", "127.0.0.1:1234")
                if nil != c {
                        if err := c.Close(); nil != err {
                                log.Printf("Close: %v", err)
                        }
                }
                if nil != err {
                        log.Printf("Dial: %v", err)
                        continue
                }
        }

        /* Give us time to check the open file descriptors */
        time.Sleep(time.Hour)
}

What did you expect to see?

The underlying connection to the SOCKS5 server closed when the connection via the server closed.

What did you see instead?

File descriptor leakage due to the underlying connection not being closed.

This seems to occur because if the underlying call to Dialer.DialWithConn fails (https://github.com/golang/net/blob/master/internal/socks/socks.go#L226), the net.Conn made by Dialer.Dial caller isn't closed before the error is returned to the caller.
@mikioh
Copy link
Contributor

mikioh commented Sep 11, 2018

Good catch, thanks for the report.

@gopherbot
Copy link

Change https://golang.org/cl/134755 mentions this issue: internal/socks: fix socket descriptor leakage in Dialer.Dial

@golang golang locked and limited conversation to collaborators Sep 11, 2019
tmm1 pushed a commit to fancybits/go-net that referenced this issue Sep 12, 2022
@cixtor @tmm1
internal/socks: fix socket descriptor leakage in Dialer.Dial
3698272 
Fixes golang/go#27630.

Change-Id: Id44ade435733ffcd2fc8159ea9ea3287baadf97a
Reviewed-on: https://go-review.googlesource.com/134755
Run-TryBot: Mikio Hara <mikioh.mikioh@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mikioh @magisterquis @gopherbot