Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(497)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/server/web_socket.cc

Issue 2640363004: HttpServer WebSocket: don't crash on data before server handshake (Closed)
Patch Set: HttpServer WebSocket: don't crash if data received before server handshake Created 3 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/server/http_server_unittest.cc ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/server/web_socket.cc
diff --git a/net/server/web_socket.cc b/net/server/web_socket.cc
index 79ffcecb7ada589c1c3171c27caedea4226931d4..193281ae2d69743e3f2324d3313e876f66c5335d 100644
--- a/net/server/web_socket.cc
+++ b/net/server/web_socket.cc
@@ -98,6 +98,17 @@ WebSocket::ParseResult WebSocket::Read(std::string* message) {
if (closed_)
return FRAME_CLOSE;
+ if (!encoder_) {
+ // RFC6455, section 4.1 says "Once the client's opening handshake has been
+ // sent, the client MUST wait for a response from the server before sending
+ // any further data". If encoder_ is null here, we haven't even sent a
mmenke 2017/01/23 16:17:21 nit (x2): |encoder_| is the more common pattern i
Maks Orlovich 2017/01/23 17:28:29 Done. I incorrectly assumed this was just for API
+ // server handshake in the first place, so the client clearly didn't do
+ // that, so we can reject them guilt-free, especially since we can't
mmenke 2017/01/23 16:17:21 nit (x2): Avoid we in comments, due to ambiguity.
Maks Orlovich 2017/01/23 17:28:29 Rephrased.
+ // proceed without an encoder_ anyway.
+ Fail();
mmenke 2017/01/23 16:17:21 Hrm...The caller already closes the socket when we
Maks Orlovich 2017/01/23 17:28:29 Good point, done. This does mean we don't set clos
+ return FRAME_CLOSE;
mmenke 2017/01/23 16:17:21 FRAME_ERROR seems more accurate.
Maks Orlovich 2017/01/23 17:28:29 Done.
+ }
+
HttpConnection::ReadIOBuffer* read_buf = connection_->read_buf();
base::StringPiece frame(read_buf->StartOfBuffer(), read_buf->GetSize());
int bytes_consumed = 0;
« no previous file with comments | « net/server/http_server_unittest.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698