Impact
There are two instances of a missing return statement inside an if branch that handles an error from a downstream method.
The first issue is in the UpdateTransportOption function, where failed parsing of the Proxy option prints an error, but does not terminate execution of the UpdateTransportOption function.
    func UpdateTransportOption(transport *http.Transport, optionYaml []byte) error {
        // [skipped]
        if len(opt.Proxy) > 0 {
            proxy, err := url.Parse(opt.Proxy)
            if err != nil {
                fmt.Printf("proxy parse error: %s\n", err)
                // missing return: execution continues with proxy == nil
            }
            transport.Proxy = http.ProxyURL(proxy)
        }
The second issue is in the GetV1Preheat method, where failed parsing of the rawID argument does not result in termination of the method execution. Instead, the id variable will be assigned either the zero or max_uint value.
    func (s *service) GetV1Preheat(ctx context.Context, rawID string) (*types.GetV1PreheatResponse, error) {
        id, err := strconv.ParseUint(rawID, 10, 32)
        if err != nil {
            logger.Errorf("preheat convert error", err)
            // missing return: execution continues with the id ParseUint returned
        }
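As an added illustration (not code from the Dragonfly repository or the audit report), the following Go program shows the values `strconv.ParseUint` leaves in `id` when the error branch does not return, next to variants that return the error to the caller. The function names `parseIDUnchecked`, `parseIDChecked` and `setProxyChecked` and all sample inputs are constructed for this example.

```go
package main

import (
	"fmt"
	"net/http"
	"net/url"
	"strconv"
)

// parseIDUnchecked reproduces the advisory's pattern: the error is logged,
// execution continues, and the caller gets whatever ParseUint left in id.
func parseIDUnchecked(rawID string) uint64 {
	id, err := strconv.ParseUint(rawID, 10, 32)
	if err != nil {
		fmt.Printf("preheat convert error: %v\n", err) // no return here
	}
	return id // 0 on a syntax error, 4294967295 (max uint32) on a range error
}

// parseIDChecked (hypothetical name) returns the error to the caller.
func parseIDChecked(rawID string) (uint32, error) {
	id, err := strconv.ParseUint(rawID, 10, 32)
	if err != nil {
		return 0, fmt.Errorf("invalid preheat id %q: %w", rawID, err)
	}
	return uint32(id), nil
}

// setProxyChecked (hypothetical name) leaves the transport untouched when
// the proxy URL does not parse, instead of installing http.ProxyURL(nil).
func setProxyChecked(transport *http.Transport, rawProxy string) error {
	proxy, err := url.Parse(rawProxy)
	if err != nil {
		return fmt.Errorf("proxy parse error: %w", err)
	}
	transport.Proxy = http.ProxyURL(proxy)
	return nil
}

func main() {
	for _, raw := range []string{"42", "abc", "99999999999"} { // constructed inputs
		_, err := parseIDChecked(raw)
		fmt.Printf("%-13q unchecked=%d checked err=%v\n", raw, parseIDUnchecked(raw), err)
	}
	tr := &http.Transport{}
	err := setProxyChecked(tr, "http://proxy.example:notaport") // constructed bad URL
	fmt.Println("proxy set:", tr.Proxy != nil, "err:", err)
}
```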
Patches
- Dragonfly v2.1.0 and above.
Workarounds
There are no effective workarounds, beyond upgrading.
References
A third-party security audit was performed by Trail of Bits; you can see the full report.
If you have any questions or comments about this advisory, please email us at dragonfly-maintainers@googlegroups.com.