Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(201)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/server/web_socket.cc

Issue 2640363004: HttpServer WebSocket: don't crash on data before server handshake (Closed)
Patch Set: Apply review feedback. Created 3 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/server/http_server_unittest.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/server/web_socket.h" 5 #include "net/server/web_socket.h"
6 6
7 #include <vector> 7 #include <vector>
8 8
9 #include "base/base64.h" 9 #include "base/base64.h"
10 #include "base/logging.h" 10 #include "base/logging.h"
(...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after
91 } 91 }
92 } 92 }
93 server_->SendRaw(connection_->id(), 93 server_->SendRaw(connection_->id(),
94 ValidResponseString(encoded_hash, response_extensions)); 94 ValidResponseString(encoded_hash, response_extensions));
95 } 95 }
96 96
97 WebSocket::ParseResult WebSocket::Read(std::string* message) { 97 WebSocket::ParseResult WebSocket::Read(std::string* message) {
98 if (closed_) 98 if (closed_)
99 return FRAME_CLOSE; 99 return FRAME_CLOSE;
100 100
101 if (!encoder_) {
102 // RFC6455, section 4.1 says "Once the client's opening handshake has been
103 // sent, the client MUST wait for a response from the server before sending
104 // any further data". If |encoder_| is null here, ::Accept either has not
105 // been called at all, or has rejected a request rather than producing
106 // a server handshake. Either way, the client clearly couldn't have gotten
107 // a proper server handshake, so error out, especially since this method
108 // can't proceed without an |encoder_|.
109 return FRAME_ERROR;
110 }
111
101 HttpConnection::ReadIOBuffer* read_buf = connection_->read_buf(); 112 HttpConnection::ReadIOBuffer* read_buf = connection_->read_buf();
102 base::StringPiece frame(read_buf->StartOfBuffer(), read_buf->GetSize()); 113 base::StringPiece frame(read_buf->StartOfBuffer(), read_buf->GetSize());
103 int bytes_consumed = 0; 114 int bytes_consumed = 0;
104 ParseResult result = encoder_->DecodeFrame(frame, &bytes_consumed, message); 115 ParseResult result = encoder_->DecodeFrame(frame, &bytes_consumed, message);
105 if (result == FRAME_OK) 116 if (result == FRAME_OK)
106 read_buf->DidConsume(bytes_consumed); 117 read_buf->DidConsume(bytes_consumed);
107 if (result == FRAME_CLOSE) 118 if (result == FRAME_CLOSE)
108 closed_ = true; 119 closed_ = true;
109 return result; 120 return result;
110 } 121 }
(...skipping 13 matching lines...) Expand all
124 } 135 }
125 136
126 void WebSocket::SendErrorResponse(const std::string& message) { 137 void WebSocket::SendErrorResponse(const std::string& message) {
127 if (closed_) 138 if (closed_)
128 return; 139 return;
129 closed_ = true; 140 closed_ = true;
130 server_->Send500(connection_->id(), message); 141 server_->Send500(connection_->id(), message);
131 } 142 }
132 143
133 } // namespace net 144 } // namespace net
OLDNEW
« no previous file with comments | « net/server/http_server_unittest.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698