diff options
author | Italo Guerrieri <guerital@amazon.it> | 2017-12-28 11:30:32 +0100 |
---|---|---|
committer | Ignacio Casal Quinteiro <qignacio@amazon.com> | 2018-01-10 22:11:39 +0100 |
commit | 14c33979e7383ae52c75903cad41c623820e0947 (patch) | |
tree | 63e44b1d56522d0ee2cd7af840501c3b53c0b953 /libsoup | |
parent | 17a682e3d9fb76da46c2feb36b246ef30e4ff167 (diff) | |
download | libsoup-14c33979e7383ae52c75903cad41c623820e0947.tar.gz |
Fix big control message payload
Close connection with protocol error if the payload of a
control message is bigger than 125 octets.
Fix Authobahn test case 2.5.
https://bugzilla.gnome.org/show_bug.cgi?id=792113
Diffstat (limited to 'libsoup')
-rw-r--r-- | libsoup/soup-websocket-connection.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/libsoup/soup-websocket-connection.c b/libsoup/soup-websocket-connection.c index e9260b6a..08387e54 100644 --- a/libsoup/soup-websocket-connection.c +++ b/libsoup/soup-websocket-connection.c @@ -152,6 +152,8 @@ typedef enum { static void queue_frame (SoupWebsocketConnection *self, SoupWebsocketQueueFlags flags, gpointer data, gsize len, gsize amount); +static void protocol_error_and_close (SoupWebsocketConnection *self); + static void frame_free (gpointer data) { @@ -358,11 +360,12 @@ send_message (SoupWebsocketConnection *self, outer = bytes->data; outer[0] = 0x80 | opcode; - /* If control message, truncate payload */ + /* If control message, check payload size */ if (opcode & 0x08) { if (length > 125) { - g_warning ("Truncating WebSocket control message payload"); - length = 125; + g_warning ("WebSocket control message payload exceeds size limit"); + protocol_error_and_close (self); + return; } buffered_amount = 0; |