[Asterisk-code-review] res http websocket: ensure control frames do not interfere w... (asterisk[13])

Jeremy Lainé asteriskteam at digium.com
Wed Jan 23 04:48:11 CST 2019 

Jeremy Lainé has uploaded this change for review. ( https://gerrit.asterisk.org/10913


Change subject: res_http_websocket: ensure control frames do not interfere with data
......................................................................

res_http_websocket: ensure control frames do not interfere with data

Control frames (PING / PONG / CLOSE) can be received in the middle of a
fragmented message. In order to ensure they do not interfere with the
reassembly buffer, we exit early and do not return the payload to the
caller.

ASTERISK-28257 #close

Change-Id: Ia5367144fe08ac6141bba3309517a48ec7f013bc
---
M res/res_http_websocket.c
1 file changed, 11 insertions(+), 2 deletions(-)



  git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/13/10913/1

diff --git a/res/res_http_websocket.c b/res/res_http_websocket.c
index 2ac5541..e8301df 100644
--- a/res/res_http_websocket.c
+++ b/res/res_http_websocket.c
@@ -617,9 +617,17 @@
 		}
 
 		/* Per the RFC for PING we need to send back an opcode with the application data as received */
-		if ((*opcode == AST_WEBSOCKET_OPCODE_PING) && (ast_websocket_write(session, AST_WEBSOCKET_OPCODE_PONG, *payload, *payload_len))) {
+		if (*opcode == AST_WEBSOCKET_OPCODE_PING) {
+			if (ast_websocket_write(session, AST_WEBSOCKET_OPCODE_PONG, *payload, *payload_len)) {
+				ast_websocket_close(session, 1009);
+			}
 			*payload_len = 0;
-			ast_websocket_close(session, 1009);
+			return 0;
+		}
+
+		/* Stop PONG processing here */
+		if (*opcode == AST_WEBSOCKET_OPCODE_PONG) {
+			*payload_len = 0;
 			return 0;
 		}
 
@@ -633,6 +641,7 @@
 			return 0;
 		}
 
+		/* Below this point we are handling TEXT, BINARY or CONTINUATION opcodes */
 		if (*payload_len) {
 			if (!(new_payload = ast_realloc(session->payload, (session->payload_len + *payload_len)))) {
 				ast_log(LOG_WARNING, "Failed allocation: %p, %zu, %"PRIu64"\n",

-- 
To view, visit https://gerrit.asterisk.org/10913
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: 13
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ia5367144fe08ac6141bba3309517a48ec7f013bc
Gerrit-Change-Number: 10913
Gerrit-PatchSet: 1
Gerrit-Owner: Jeremy Lainé <jeremy.laine at m4x.org>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20190123/05553d70/attachment.html>

More information about the asterisk-code-review mailing list