From d7489fc08a442bca17a5a782beafc1c5852b284c Mon Sep 17 00:00:00 2001 From: Artyom Gavrilov Date: Wed, 5 Feb 2025 22:47:02 +0300 Subject: [PATCH 01/11] =?UTF-8?q?fix:=20=D0=BF=D1=80=D0=BE=D0=B2=D0=B5?= =?UTF-8?q?=D1=80=D0=BA=D0=B0=20=D1=83=D0=BA=D0=B0=D0=B7=D0=B0=D1=82=D0=B5?= =?UTF-8?q?=D0=BB=D1=8F=20=D0=B4=D0=BE=20=D0=B5=D0=B3=D0=BE=20=D0=B8=D1=81?= =?UTF-8?q?=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D0=BD=D0=B8?= =?UTF-8?q?=D1=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/args.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/args.c b/src/args.c index b8b66d4..ea5ec82 100644 --- a/src/args.c +++ b/src/args.c @@ -120,10 +120,10 @@ static int parse_sni_domains(struct domains_list **dlist, const char *domains_st unsigned int domain_len = (i - j); const char *domain_startp = domains_str + j; struct domains_list *edomain = malloc(sizeof(struct domains_list)); - *edomain = (struct domains_list){0}; if (edomain == NULL) { return -ENOMEM; } + *edomain = (struct domains_list){0}; edomain->domain_len = domain_len; edomain->domain_name = malloc(domain_len + 1); From 78dd12c5268114953daa756da37c01eb3becbc98 Mon Sep 17 00:00:00 2001 From: Artyom Gavrilov Date: Wed, 5 Feb 2025 22:52:13 +0300 Subject: [PATCH 02/11] =?UTF-8?q?fix:=20=D0=BF=D1=80=D0=BE=D0=B2=D0=B5?= =?UTF-8?q?=D1=80=D0=BA=D0=B0=20=D1=83=D0=BA=D0=B0=D0=B7=D0=B0=D1=82=D0=B5?= =?UTF-8?q?=D0=BB=D1=8F=20=D0=B4=D0=BE=20=D0=B5=D0=B3=D0=BE=20=D0=B8=D1=81?= =?UTF-8?q?=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D0=BD=D0=B8?= =?UTF-8?q?=D1=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/args.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/args.c b/src/args.c index ea5ec82..84c2853 100644 --- a/src/args.c +++ b/src/args.c 
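Review bot: The allocation and the zeroing in parse_sni_domains are still two separate statements, which is how the initialiser ended up ahead of the NULL check in the first place. `struct domains_list *edomain = calloc(1, sizeof *edomain);` would do both at once and leave only the check. The early `return -ENOMEM` appears to sit inside the loop that builds the list, so it is worth confirming that the caller releases entries already linked into `*dlist`; that part of the function is outside the hunk.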
@@ -1243,11 +1243,11 @@ int init_section_config(struct section_config_t **section, struct section_config def_section = malloc(sizeof(struct section_config_t)); #endif *def_section = (struct section_config_t)default_section_config; - def_section->prev = prev; - - if (def_section == NULL) + if (def_section == NULL) return -ENOMEM; + def_section->prev = prev; + ret = parse_sni_domains(&def_section->sni_domains, default_snistr, sizeof(default_snistr)); if (ret < 0) { free(def_section); From c73885aca3dc878a28a8be2b32e94754578fc165 Mon Sep 17 00:00:00 2001 From: Artyom Gavrilov Date: Wed, 5 Feb 2025 23:03:42 +0300 Subject: [PATCH 03/11] =?UTF-8?q?fix:=20=D0=B8=D0=B7=D0=BC=D0=B5=D0=BD?= =?UTF-8?q?=D0=B5=D0=BD=D0=B8=D0=B5=20=D0=BF=D1=80=D0=BE=D0=B2=D0=B5=D1=80?= =?UTF-8?q?=D0=BA=D0=B8=20qversion?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit qversion >= 0, т.к. тип переменной - uint32_t. Провека должна быть по переменной ret. --- src/quic.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/quic.c b/src/quic.c index d4ac72f..3112bf5 100644 --- a/src/quic.c +++ b/src/quic.c @@ -71,7 +71,7 @@ int quic_check_is_initial(const struct quic_lhdr *qch) { uint32_t qversion; int ret; ret = quic_get_version(&qversion, qch); - if (qversion < 0) return 0; + if (ret < 0) return 0; uint8_t qtype = qch->type; From 6cc23a2991d35613a8e6a16756763b2e2a9feb6b Mon Sep 17 00:00:00 2001 From: Artyom Gavrilov Date: Wed, 5 Feb 2025 23:15:05 +0300 Subject: [PATCH 04/11] =?UTF-8?q?fix:=20=D0=B8=D0=B7=D0=BC=D0=B5=D0=BD?= =?UTF-8?q?=D0=B5=D0=BD=D0=B8=D0=B5=20=D0=BF=D1=80=D0=BE=D0=B2=D0=B5=D1=80?= =?UTF-8?q?=D0=BA=D0=B8=20fseek?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit По стандарту fseek при неудаче возвращает любое значение кроме нуля. --- src/args.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/args.c b/src/args.c index 84c2853..b7924e6 100644 --- a/src/args.c 
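Review bot: The struct assignment `*def_section = (struct section_config_t)default_section_config;` on the context line above the moved check still dereferences def_section before it is tested, so a failed allocation faults before `return -ENOMEM` can run. Move that assignment below the check together with `def_section->prev = prev;`. Patch 08/11 of this series does exactly that, so the two commits could be folded into one to avoid an intermediate state that still has the bug. init_section_config starts and ends outside the hunk.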
+++ b/src/args.c @@ -62,7 +62,7 @@ static int read_file(const char* filename) { } ret = fseek(fd, 0, SEEK_END); - if (ret < 0) { + if (ret != 0) { ret = -errno; goto close_file; } From 5f20220d4eabd94757ef6f5475bc5e0c5c7047c1 Mon Sep 17 00:00:00 2001 From: Artyom Gavrilov Date: Wed, 5 Feb 2025 23:20:31 +0300 Subject: [PATCH 05/11] =?UTF-8?q?fix:=20=D0=B8=D0=B7=D0=BC=D0=B5=D0=BD?= =?UTF-8?q?=D0=B5=D0=BD=D0=B8=D0=B5=20=D1=82=D0=B8=D0=BF=D0=B0=20=D0=BF?= =?UTF-8?q?=D0=B5=D1=80=D0=B5=D0=BC=D0=B5=D0=BD=D0=BD=D0=BE=D0=B9=20=D0=BD?= =?UTF-8?q?=D0=B0=20=D0=BF=D0=BE=D0=B4=D1=85=D0=BE=D0=B4=D1=8F=D1=89=D0=B8?= =?UTF-8?q?=D0=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit По стандарту ftell возвращает long. --- src/args.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/args.c b/src/args.c index b7924e6..f655052 100644 --- a/src/args.c +++ b/src/args.c @@ -67,7 +67,7 @@ static int read_file(const char* filename) { goto close_file; } - size_t fsize = ftell(fd); + long fsize = ftell(fd); fseek(fd, 0, SEEK_SET); if (ret < 0) { ret = -errno; From ad6b84a961d338ed7bbb31967c0a564c00a94b32 Mon Sep 17 00:00:00 2001 From: Artyom Gavrilov Date: Wed, 5 Feb 2025 23:22:24 +0300 Subject: [PATCH 06/11] =?UTF-8?q?fix:=20=D0=BF=D1=80=D0=BE=D0=B2=D0=B5?= =?UTF-8?q?=D1=80=D0=BA=D0=B0=20ftell=20=D0=BD=D0=B0=20=D0=B2=D0=BE=D0=B7?= =?UTF-8?q?=D0=B2=D1=80=D0=B0=D1=89=D0=B0=D0=B5=D0=BC=D0=BE=D0=B5=20=D0=B7?= =?UTF-8?q?=D0=BD=D0=B0=D1=87=D0=B5=D0=BD=D0=B8=D0=B5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/args.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/args.c b/src/args.c index f655052..6ab7fd0 100644 --- a/src/args.c +++ b/src/args.c @@ -68,6 +68,10 @@ static int read_file(const char* filename) { } long fsize = ftell(fd); + if (fsize == -1L) { + ret = -errno; + goto close_file; + } fseek(fd, 0, SEEK_SET); if (ret < 0) { ret = -errno; 
From 34271ece2c202f27393ca39db7bd1d31e8ddc337 Mon Sep 17 00:00:00 2001 From: Artyom Gavrilov Date: Wed, 5 Feb 2025 23:27:20 +0300 Subject: [PATCH 07/11] =?UTF-8?q?fix:=20=D0=B2=D0=BE=D1=81=D1=81=D1=82?= =?UTF-8?q?=D0=B0=D0=BD=D0=BE=D0=B2=D0=BB=D0=B5=D0=BD=D0=B8=D0=B5=20=D0=BF?= =?UTF-8?q?=D1=80=D0=BE=D0=B2=D0=B5=D1=80=D0=BA=D0=B8=20fseek?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Вероятно в этом месте должна была быть проверка вызова fseek. --- src/args.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/args.c b/src/args.c index 6ab7fd0..d2c6bda 100644 --- a/src/args.c +++ b/src/args.c @@ -72,8 +72,8 @@ static int read_file(const char* filename) { ret = -errno; goto close_file; } - fseek(fd, 0, SEEK_SET); - if (ret < 0) { + ret = fseek(fd, 0, SEEK_SET); + if (ret != 0) { ret = -errno; goto close_file; } From 2884cb72f9708e556f2091ee23c4be3b07cedec6 Mon Sep 17 00:00:00 2001 From: Artyom Gavrilov Date: Wed, 5 Feb 2025 23:38:37 +0300 Subject: [PATCH 08/11] =?UTF-8?q?fix:=20=D0=BF=D1=80=D0=BE=D0=B2=D0=B5?= =?UTF-8?q?=D1=80=D0=BA=D0=B0=20=D1=83=D0=BA=D0=B0=D0=B7=D0=B0=D1=82=D0=B5?= =?UTF-8?q?=D0=BB=D1=8F=20=D0=BF=D0=B5=D1=80=D0=B5=D0=B4=20=D1=80=D0=B0?= =?UTF-8?q?=D0=B7=D1=8B=D0=BC=D0=B5=D0=BD=D0=BE=D0=B2=D0=B0=D0=BD=D0=B8?= =?UTF-8?q?=D0=B5=D0=BC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/args.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/args.c b/src/args.c index d2c6bda..86c64d5 100644 --- a/src/args.c +++ b/src/args.c @@ -1246,9 +1246,9 @@ int init_section_config(struct section_config_t **section, struct section_config #else def_section = malloc(sizeof(struct section_config_t)); #endif - *def_section = (struct section_config_t)default_section_config; if (def_section == NULL) return -ENOMEM; + *def_section = (struct section_config_t)default_section_config; def_section->prev = prev; 
From b832541766618482a999bf4668059ede2f1a59bf Mon Sep 17 00:00:00 2001 From: Artyom Gavrilov Date: Wed, 5 Feb 2025 23:55:41 +0300 Subject: [PATCH 09/11] =?UTF-8?q?fix:=20=D0=BF=D0=B5=D1=80=D0=B5=D0=BC?= =?UTF-8?q?=D0=B5=D1=89=D0=B5=D0=BD=D0=B8=D0=B5=20=D0=BF=D1=80=D0=BE=D0=B2?= =?UTF-8?q?=D0=B5=D1=80=D0=BA=D0=B8=20=D0=BD=D0=B0=20=D0=BD=D1=83=D0=B6?= =?UTF-8?q?=D0=BD=D0=BE=D0=B5=20=D0=BC=D0=B5=D1=81=D1=82=D0=BE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/quic_crypto.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/quic_crypto.c b/src/quic_crypto.c index 5e498b3..95057d1 100644 --- a/src/quic_crypto.c +++ b/src/quic_crypto.c @@ -82,6 +82,10 @@ int quic_parse_initial_message( ret = quic_parse_data(quic_payload, quic_plen, &qch, &qch_len, &qci, &inpayload, &inplen ); + if (ret < 0) { + lgerror(ret, "quic_parse_data"); + goto error_nfr; + } ret = quic_get_version(&qversion, qch); if (ret < 0) { @@ -117,10 +121,6 @@ int quic_parse_initial_message( } quic_header_len = inpayload - quic_payload; - if (ret < 0) { - lgerror(ret, "quic_parse_data"); - goto error_nfr; - } ret = quic_parse_initial_header(inpayload, inplen, &qich); if (ret < 0) { From 49304cc111d80d60babd207e3b0994ae1273022c Mon Sep 17 00:00:00 2001 From: Artyom Gavrilov Date: Thu, 6 Feb 2025 00:29:27 +0300 Subject: [PATCH 10/11] =?UTF-8?q?fix:=20=D0=B4=D0=BE=D0=B1=D0=B0=D0=B2?= =?UTF-8?q?=D0=BB=D0=B5=D0=BD=D0=B8=D0=B5=20=D0=BF=D1=80=D0=BE=D0=B2=D0=B5?= =?UTF-8?q?=D1=80=D0=BA=D0=B8=20malloc?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/args.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/args.c b/src/args.c index 86c64d5..20077c4 100644 --- a/src/args.c +++ b/src/args.c 
@@ -289,6 +289,9 @@ static int parse_fake_custom_payload( return -EINVAL; } unsigned char *custom_buf = malloc(custom_len); + if (custom_buf == NULL) { + return -ENOMEM; + } for (int i = 0; i < custom_len; i++) { ret = sscanf(custom_hex_fake + (i << 1), "%2hhx", custom_buf + i); From df70763b4a0a763c25b25f7e21c751357bb72fd9 Mon Sep 17 00:00:00 2001 From: Vadim Vetrov Date: Thu, 6 Feb 2025 18:43:31 +0300 Subject: [PATCH 11/11] fix: safety defenders for delay_packet_send --- src/mangle.c | 22 ++++------------------ src/youtubeUnblock.c | 25 ++++++++++++++++++++++--- 2 files changed, 26 insertions(+), 21 deletions(-) diff --git a/src/mangle.c b/src/mangle.c index cce9ccd..c299ee5 100644 --- a/src/mangle.c +++ b/src/mangle.c @@ -502,18 +502,11 @@ drop: int send_ip4_frags(const struct section_config_t *section, const uint8_t *packet, size_t pktlen, const size_t *poses, size_t poses_sz, size_t dvs) { if (poses_sz == 0) { + lgtrace_addp("raw send packet of %zu bytes with %zu dvs", pktlen, dvs); if (section->seg2_delay && ((dvs > 0) ^ section->frag_sni_reverse)) { - if (!instance_config.send_delayed_packet) { - return -EINVAL; - } - - lgtrace_addp("Sent %zu delayed for %d", pktlen, section->seg2_delay); - instance_config.send_delayed_packet( + return instance_config.send_delayed_packet( packet, pktlen, section->seg2_delay); - - return 0; } else { - lgtrace_addp("Sent %zu bytes", pktlen); return instance_config.send_raw_packet( packet, pktlen); } 
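Review bot: The new `custom_buf == NULL` check also fires when `custom_len` is 0 on a libc whose `malloc(0)` returns NULL, which would be reported as -ENOMEM. The length validation above is only partly visible, so confirm that a zero length is rejected there with -EINVAL first. In the loop that follows, `int i` is compared against `custom_len`, whose type is not visible in the hunk; if it is unsigned or wider than int, declaring the index with the same type avoids a mixed-sign comparison. The error path after a failed `sscanf` has to free `custom_buf`, and that part of parse_fake_custom_payload lies outside the hunk.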
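Review bot: Dropping the guard `if (!instance_config.send_delayed_packet) return -EINVAL;` means send_ip4_frags now calls the function pointer unconditionally, and the send_tcp_frags hunk that follows removes the same guard. Nothing in this patch shows that every build or initialisation path assigns `send_delayed_packet`. If one does not, a configuration with `seg2_delay` set would turn a clean -EINVAL into a call through a NULL pointer. Keep the guard in both functions ahead of `return instance_config.send_delayed_packet(packet, pktlen, section->seg2_delay);`; returning the callee's result is the right change now that it can fail. Both functions continue outside their hunks.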
@@ -588,18 +581,11 @@ out: int send_tcp_frags(const struct section_config_t *section, const uint8_t *packet, size_t pktlen, const size_t *poses, size_t poses_sz, size_t dvs) { if (poses_sz == 0) { + lgtrace_addp("raw send packet of %zu bytes with %zu dvs", pktlen, dvs); if (section->seg2_delay && ((dvs > 0) ^ section->frag_sni_reverse)) { - if (!instance_config.send_delayed_packet) { - return -EINVAL; - } - - instance_config.send_delayed_packet( + return instance_config.send_delayed_packet( packet, pktlen, section->seg2_delay); - - return 0; } else { - lgtrace_addp("raw send packet of %zu bytes with %zu dvs", pktlen, dvs); - return instance_config.send_raw_packet( packet, pktlen); } diff --git a/src/youtubeUnblock.c b/src/youtubeUnblock.c index 8c5bffe..8eed35b 100644 --- a/src/youtubeUnblock.c +++ b/src/youtubeUnblock.c @@ -614,14 +614,33 @@ void *delay_packet_send_fn(void *data) { } int delay_packet_send(const unsigned char *data, size_t data_len, unsigned int delay_ms) { + int ret; + struct dps_t *dpdt = malloc(sizeof(struct dps_t)); + if (dpdt == NULL) { + return -ENOMEM; + } + *dpdt = (struct dps_t){0}; + dpdt->pkt = malloc(data_len); + if (dpdt->pkt == NULL) { + free(dpdt); + return -ENOMEM; + } memcpy(dpdt->pkt, data, data_len); + dpdt->pktlen = data_len; dpdt->timer = delay_ms; - pthread_t thr; - pthread_create(&thr, NULL, delay_packet_send_fn, dpdt); - pthread_detach(thr); + pthread_t thr = {0}; + ret = pthread_create(&thr, NULL, delay_packet_send_fn, dpdt); + if (ret != 0) { + free(dpdt->pkt); + free(dpdt); + return -ret; + } + + ret = pthread_detach(thr); + lgtrace_addp("Scheduled packet send after %d ms", delay_ms); return 0;