RPJosh
/
neatvnc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

stream-ws: Sanitise handshake input

pull/68/head
Andri Yngvason 2023-04-30 14:03:12 +00:00
parent e5e6767c1e
commit c0b3e16bb0
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/stream-ws.c
View File

@ -199,6 +199,14 @@ static ssize_t stream_ws_read_ready(struct stream_ws* ws, void* dst,
static ssize_t stream_ws_read_handshake(struct stream_ws* ws, void* dst,
size_t size)
{
if (ws->read_index >= sizeof(ws->read_buffer)) {
// This header is suspiciously long
stream__remote_closed(&ws->base);
return -1;
}
ws->read_buffer[ws->read_index] = '\0';
char reply[512];
ssize_t header_len = ws_handshake(reply, sizeof(reply),
(const char*)ws->read_buffer);