[Asterisk-code-review] res http websocket: ensure control frames do not interfere w... (asterisk[13])
Jeremy Lainé
asteriskteam at digium.com
Wed Jan 23 04:48:11 CST 2019
Jeremy Lainé has uploaded this change for review. ( https://gerrit.asterisk.org/10913
Change subject: res_http_websocket: ensure control frames do not interfere with data
......................................................................
res_http_websocket: ensure control frames do not interfere with data
Control frames (PING / PONG / CLOSE) can be received in the middle of a
fragmented message. In order to ensure they do not interfere with the
reassembly buffer, we exit early and do not return the payload to the
caller.
ASTERISK-28257 #close
Change-Id: Ia5367144fe08ac6141bba3309517a48ec7f013bc
---
M res/res_http_websocket.c
1 file changed, 11 insertions(+), 2 deletions(-)
git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/13/10913/1
diff --git a/res/res_http_websocket.c b/res/res_http_websocket.c
index 2ac5541..e8301df 100644
--- a/res/res_http_websocket.c
+++ b/res/res_http_websocket.c
@@ -617,9 +617,17 @@
}
/* Per the RFC for PING we need to send back an opcode with the application data as received */
- if ((*opcode == AST_WEBSOCKET_OPCODE_PING) && (ast_websocket_write(session, AST_WEBSOCKET_OPCODE_PONG, *payload, *payload_len))) {
+ if (*opcode == AST_WEBSOCKET_OPCODE_PING) {
+ if (ast_websocket_write(session, AST_WEBSOCKET_OPCODE_PONG, *payload, *payload_len)) {
+ ast_websocket_close(session, 1009);
+ }
*payload_len = 0;
- ast_websocket_close(session, 1009);
+ return 0;
+ }
+
+ /* Stop PONG processing here */
+ if (*opcode == AST_WEBSOCKET_OPCODE_PONG) {
+ *payload_len = 0;
return 0;
}
@@ -633,6 +641,7 @@
return 0;
}
+ /* Below this point we are handling TEXT, BINARY or CONTINUATION opcodes */
if (*payload_len) {
if (!(new_payload = ast_realloc(session->payload, (session->payload_len + *payload_len)))) {
ast_log(LOG_WARNING, "Failed allocation: %p, %zu, %"PRIu64"\n",
--
To view, visit https://gerrit.asterisk.org/10913
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings
Gerrit-Project: asterisk
Gerrit-Branch: 13
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ia5367144fe08ac6141bba3309517a48ec7f013bc
Gerrit-Change-Number: 10913
Gerrit-PatchSet: 1
Gerrit-Owner: Jeremy Lainé <jeremy.laine at m4x.org>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20190123/05553d70/attachment.html>
More information about the asterisk-code-review
mailing list