From da00526ec103a09afe748821489c55301bdedb01 Mon Sep 17 00:00:00 2001 From: M66B Date: Fri, 26 Feb 2016 10:24:52 +0100 Subject: [PATCH] Prevent forwarding to privileged ports Closes #345 --- .../java/eu/faircode/netguard/ActivityForwardApproval.java | 5 +++++ .../main/java/eu/faircode/netguard/ActivityForwarding.java | 4 ++++ 2 files changed, 9 insertions(+) diff --git a/app/src/main/java/eu/faircode/netguard/ActivityForwardApproval.java b/app/src/main/java/eu/faircode/netguard/ActivityForwardApproval.java index 708418ea..e1219e5b 100644 --- a/app/src/main/java/eu/faircode/netguard/ActivityForwardApproval.java +++ b/app/src/main/java/eu/faircode/netguard/ActivityForwardApproval.java @@ -49,6 +49,11 @@ public class ActivityForwardApproval extends Activity { final int ruid = getIntent().getIntExtra("ruid", 0); final String raddr = (addr == null ? "127.0.0.1" : addr); + if (rport < 1024) { + Log.w(TAG, "Port forwarding to privileged port not possible"); + finish(); + } + String pname; if (protocol == 6) pname = getString(R.string.menu_protocol_tcp); diff --git a/app/src/main/java/eu/faircode/netguard/ActivityForwarding.java b/app/src/main/java/eu/faircode/netguard/ActivityForwarding.java index 9a68792a..56235b62 100644 --- a/app/src/main/java/eu/faircode/netguard/ActivityForwarding.java +++ b/app/src/main/java/eu/faircode/netguard/ActivityForwarding.java @@ -194,6 +194,10 @@ public class ActivityForwarding extends AppCompatActivity { final String raddr = etRAddr.getText().toString(); final int rport = Integer.parseInt(etRPort.getText().toString()); final int ruid = ((Rule) spRuid.getSelectedItem()).info.applicationInfo.uid; + + if (rport < 1024) + throw new IllegalArgumentException("Port forwarding to privileged port not possible"); + new AsyncTask() { @Override protected Throwable doInBackground(Object... objects) {