From 3bce9632d910483c94b1ad379ce46fb7f7312556 Mon Sep 17 00:00:00 2001 From: Brad Fitzpatrick Date: Tue, 29 Aug 2023 03:14:46 -0700 Subject: [PATCH] derp/derphttp: fix data race and crash in proxy dial error path Named result meant error paths assigned that variable to nil. But a goroutine was concurrently using that variable. Don't use a named result for that first parameter. Then then return paths don't overwrite it. Fixes #9129 Change-Id: Ie57f99d40ca8110085097780686d9bd620aaf160 Signed-off-by: Brad Fitzpatrick --- derp/derphttp/derphttp_client.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/derp/derphttp/derphttp_client.go b/derp/derphttp/derphttp_client.go index a98dda10b..3bd314464 100644 --- a/derp/derphttp/derphttp_client.go +++ b/derp/derphttp/derphttp_client.go @@ -730,8 +730,9 @@ func firstStr(a, b string) string { } // dialNodeUsingProxy connects to n using a CONNECT to the HTTP(s) proxy in proxyURL. -func (c *Client) dialNodeUsingProxy(ctx context.Context, n *tailcfg.DERPNode, proxyURL *url.URL) (proxyConn net.Conn, err error) { +func (c *Client) dialNodeUsingProxy(ctx context.Context, n *tailcfg.DERPNode, proxyURL *url.URL) (_ net.Conn, err error) { pu := proxyURL + var proxyConn net.Conn if pu.Scheme == "https" { var d tls.Dialer proxyConn, err = d.DialContext(ctx, "tcp", net.JoinHostPort(pu.Hostname(), firstStr(pu.Port(), "443")))