sdk/lib/io/websocket_impl.dart - Issue 16363005: Ensure that only byte values are sent by sockets and web sockets

Side by Side Diff: sdk/lib/io/websocket_impl.dart

Issue 16363005: Ensure that only byte values are sent by sockets and web sockets (Closed) Base URL: https://dart.googlecode.com/svn/branches/bleeding_edge/dart

Patch Set: Created 7 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file	1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file

2 // for details. All rights reserved. Use of this source code is governed by a	2 // for details. All rights reserved. Use of this source code is governed by a

3 // BSD-style license that can be found in the LICENSE file.	3 // BSD-style license that can be found in the LICENSE file.

4	4

5 part of dart.io;	5 part of dart.io;

6	6

7 const String _webSocketGUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";	7 const String _webSocketGUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";

8	8

9 class _WebSocketMessageType {	9 class _WebSocketMessageType {

10 static const int NONE = 0;	10 static const int NONE = 0;

(...skipping 507 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
518 header[index++] = 127;	518 header[index++] = 127;

519 lengthBytes = 8;	519 lengthBytes = 8;

520 } else if (dataLength > 125) {	520 } else if (dataLength > 125) {

521 header[index++] = 126;	521 header[index++] = 126;

522 lengthBytes = 2;	522 lengthBytes = 2;

523 }	523 }

524 // Write the length in network byte order into the header.	524 // Write the length in network byte order into the header.

525 for (int i = 0; i < lengthBytes; i++) {	525 for (int i = 0; i < lengthBytes; i++) {

526 header[index++] = dataLength >> (((lengthBytes - 1) - i) * 8) & 0xFF;	526 header[index++] = dataLength >> (((lengthBytes - 1) - i) * 8) & 0xFF;

527 }	527 }

528 if (mask) {	528 if (mask) {
	Anders Johnsen 2013/06/12 06:13:58 What if it's not masked? What if it's not masked? Søren Gjesse 2013/06/12 08:34:00 If it is not masked it will be send directly on th Show quoted text On 2013/06/12 06:13:58, Anders Johnsen wrote: > What if it's not masked? If it is not masked it will be send directly on the socket and checked there. The tests should cover this as data send from the server side is not masked.
529 header[1] \|= 1 << 7;	529 header[1] \|= 1 << 7;

530 var maskBytes = _IOCrypto.getRandomBytes(4);	530 var maskBytes = _IOCrypto.getRandomBytes(4);

531 header.setRange(index, index + 4, maskBytes);	531 header.setRange(index, index + 4, maskBytes);

532 index += 4;	532 index += 4;

533 if (data != null) {	533 if (data != null) {

534 var list = new Uint8List(data.length);	534 var list = new Uint8List(data.length);
	Anders Johnsen 2013/06/12 06:13:58 If we check if it's a string here, we could just a If we check if it's a string here, we could just assign data to list in that case. Søren Gjesse 2013/06/12 08:34:00 Good point. Done. Show quoted text On 2013/06/12 06:13:58, Anders Johnsen wrote: > If we check if it's a string here, we could just assign data to list in that > case. Good point. Done.
535 for (int i = 0; i < data.length; i++) {	535 if (data is Uint8List) {

536 list[i] = data[i] ^ maskBytes[i % 4];	536 for (int i = 0; i < data.length; i++) {

	537 list[i] = data[i] ^ maskBytes[i % 4];

	538 }

	539 } else {

	540 for (int i = 0; i < data.length; i++) {

	541 if (data[i] < 0 \|\| 255 < data[0]) {
	Anders Johnsen 2013/06/12 06:13:58 This reads odd, as you have two '<'. Also, second This reads odd, as you have two '<'. Also, second data index should be data[i]. Søren Gjesse 2013/06/12 08:34:00 This reads nicely :-) data[i] is outside the inter Show quoted text On 2013/06/12 06:13:58, Anders Johnsen wrote: > This reads odd, as you have two '<'. Also, second data index should be data[i]. This reads nicely :-) data[i] is outside the interval [0..255]. Fixed data[0].
	542 throw new ArgumentError("Illegal byte value ${data[0]}");

	543 }

	544 list[i] = data[i] ^ maskBytes[i % 4];

	545 }

537 }	546 }

538 data = list;	547 data = list;

539 }	548 }

540 }	549 }

541 assert(index == headerSize);	550 assert(index == headerSize);

542 if (data == null) {	551 if (data == null) {

543 return [header];	552 return [header];

544 } else {	553 } else {

545 return [header, data];	554 return [header, data];

546 }	555 }

(...skipping 249 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
796 (code < WebSocketStatus.NORMAL_CLOSURE \|\|	805 (code < WebSocketStatus.NORMAL_CLOSURE \|\|

797 code == WebSocketStatus.RESERVED_1004 \|\|	806 code == WebSocketStatus.RESERVED_1004 \|\|

798 code == WebSocketStatus.NO_STATUS_RECEIVED \|\|	807 code == WebSocketStatus.NO_STATUS_RECEIVED \|\|

799 code == WebSocketStatus.ABNORMAL_CLOSURE \|\|	808 code == WebSocketStatus.ABNORMAL_CLOSURE \|\|

800 (code > WebSocketStatus.INTERNAL_SERVER_ERROR &&	809 (code > WebSocketStatus.INTERNAL_SERVER_ERROR &&

801 code < WebSocketStatus.RESERVED_1015) \|\|	810 code < WebSocketStatus.RESERVED_1015) \|\|

802 (code >= WebSocketStatus.RESERVED_1015 &&	811 (code >= WebSocketStatus.RESERVED_1015 &&

803 code < 3000));	812 code < 3000));

804 }	813 }

805 }	814 }

OLD	NEW

« sdk/lib/io/common.dart ('K') | « sdk/lib/io/common.dart ('k') | tests/standalone/io/raw_socket_test.dart » ('j') | no next file with comments »