[tor-bugs] #11329 [Obfsproxy]: struct.unpack() bug in socks5.py:get_uint16()

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Mar 26 22:58:06 UTC 2014

#11329: struct.unpack() bug in socks5.py:get_uint16()
 Reporter:  asn        |          Owner:  asn
     Type:  defect     |         Status:  new
 Priority:  normal     |      Milestone:
Component:  Obfsproxy  |        Version:
 Keywords:             |  Actual Points:
Parent ID:             |         Points:
 Apparently we are passing a bytearray to struct.unpack() and it doesn't
 like it. I got stuff like:
   File "/usr/local/lib/python2.7/dist-packages/obfsproxy-0.2.7_dirty-
 py2.7.egg/obfsproxy/network/socks5.py", line 319, in processNoAuthRequired
   File "/usr/local/lib/python2.7/dist-packages/obfsproxy-0.2.7_dirty-
 py2.7.egg/obfsproxy/network/socks5.py", line 377, in processRequest
     port = msg.get_uint16(True)
   File "/usr/local/lib/python2.7/dist-packages/obfsproxy-0.2.7_dirty-
 py2.7.egg/obfsproxy/network/socks5.py", line 503, in get_uint16
     ret = struct.unpack("!H", self[0:2])[0]
 struct.error: unpack requires a string argument of length 2

 I then checked the length of `self[0:2]` and indeed it was `2`. Then I
 checked it's type and it was a `bytearray`. I casted the `bytearray` to a
 `str` before passing it to `struct.unpack` and it seemed to fix the

 I'm not sure why we didn't trigger this bug in the past.
 The bug is included in the latest `obfsproxy-0.2.7` release, I think.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11329>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list