resource leak of udp socket

Open chenthanks opened this issue 3 years ago • 3 comments

There are two bugs in func (h *udpHandler) handleWrite(p *udpPacket) error in file tunnel_out_ssh_udp.go:

1. It forgets to close the UDP connection, causing a resource leak.
2. The limit of UDP connections is 100. If it receives 200 connections in 15s, the 200 connections are also added to the map udpConns.m, and 100 of them will have no chance to be removed from the map.

chenthanks avatar Nov 14 '21 06:11 chenthanks

Yea they should time out though

I wonder how NAT (port mapping tables) solve this problem…

jpillora avatar Nov 14 '21 09:11 jpillora

Is removal of the connection limit feasible? It's simple, but it works:

```go
func (s *L1Proxy) handleUdpProbeStream(us UdpStream) {
	// ......
	if !exists {
		go h.handleRead(p, conn)
	}
	// ......
}

func (h *udpHandler) handleRead(p *udpPacket, conn *udpConn) {
	// ensure connection is cleaned up
	defer func() {
		h.udpConns.remove(conn.id)
		conn.Close()
	}()
	// ......
}
```

chenthanks avatar Nov 14 '21 14:11 chenthanks

UDP is stateless, so read simply waits until timeout, so forget the mapping after each read? Can the sender send 2 packets at the mapped port?

jpillora avatar Nov 14 '21 20:11 jpillora
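
The two problems reported in this thread, sketched as an added example (not chisel's code and not written by either participant): a bounded table that refuses new entries before any socket is opened, and closes every connection it forgets. The names `connTable`, `get`, `errFull` and the id strings are hypothetical, and the table stores `io.Closer` values so it runs without chisel's types.

```go
package main

import (
	"fmt"
	"io"
	"net"
	"sync"
	"time"
)

var errFull = fmt.Errorf("udp connection table full")
// connTable is a hypothetical bounded stand-in for the thread's udpConns map.
type connTable struct {
	mu    sync.Mutex
	max   int           // connection limit (100 in the thread)
	idle  time.Duration // idle window (the thread mentions 15s)
	conns map[string]io.Closer
	seen  map[string]time.Time // last use per id
}

// get returns the conn for id, dialing only when a slot is free.
func (t *connTable) get(id string, now time.Time, dial func() (io.Closer, error)) (io.Closer, error) {
	t.mu.Lock()
	defer t.mu.Unlock()
	for k, c := range t.conns { // reclaim idle slots; removal always closes
		if now.Sub(t.seen[k]) > t.idle {
			c.Close()
			delete(t.conns, k)
			delete(t.seen, k)
		}
	}
	if c, ok := t.conns[id]; ok {
		t.seen[id] = now // activity keeps the mapping alive
		return c, nil
	}
	if len(t.conns) >= t.max {
		return nil, errFull // refuse before a socket is opened or stored
	}
	c, err := dial()
	if err == nil {
		t.conns[id], t.seen[id] = c, now
	}
	return c, err
}

func main() {
	t := &connTable{max: 1, idle: 15 * time.Second, conns: map[string]io.Closer{}, seen: map[string]time.Time{}}
	_, err := t.get("a", time.Now(), func() (io.Closer, error) { return net.ListenPacket("udp", "127.0.0.1:0") })
	fmt.Println(err, len(t.conns))
}
```

Because eviction and the limit check happen in the same place as insertion, no entry depends on a separate reader goroutine to be removed. A reader blocked on an evicted connection sees its read fail once the connection is closed.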