[libsoup/wip/validate-close-code] websocket-connection: validate received peer closing code

From: Ignacio Casal Quinteiro <icq src gnome org>
To: commits-list gnome org
Cc:
Subject: [libsoup/wip/validate-close-code] websocket-connection: validate received peer closing code
Date: Wed, 7 Dec 2016 16:17:11 +0000 (UTC)

commit fcfac3e1d0e384455f6cfbac0f94a3d4de5d23c9
Author: Ignacio Casal Quinteiro <icq gnome org>
Date:   Wed Dec 7 17:15:13 2016 +0100

    websocket-connection: validate received peer closing code
    
    We cannot trust the received closing code sent by the peer and
    we should validate it before trying to call the close method.
    
    This fixes an assertion on the tests 7.9.* of autobahn:
    See https://github.com/crossbario/autobahn-testsuite

 libsoup/soup-websocket-connection.c |   29 +++++++++++++++++++++++++++--
 1 files changed, 27 insertions(+), 2 deletions(-)
---
diff --git a/libsoup/soup-websocket-connection.c b/libsoup/soup-websocket-connection.c
index ed82a27..9e10efd 100644
--- a/libsoup/soup-websocket-connection.c
+++ b/libsoup/soup-websocket-connection.c
@@ -565,8 +565,33 @@ receive_close (SoupWebsocketConnection *self,
                if (pv->connection_type == SOUP_WEBSOCKET_CONNECTION_SERVER)
                        close_io_stream (self);
        } else {
-               /* Send back the response */
-               soup_websocket_connection_close (self, pv->peer_close_code, NULL);
+               /* Validate the closing code received by the peer */
+               switch (pv->peer_close_code) {
+               case SOUP_WEBSOCKET_CLOSE_NO_EXTENSION:
+                       if (pv->connection_type == SOUP_WEBSOCKET_CONNECTION_SERVER) {
+                               g_warning ("Wrong closing code %d received for a server connection",
+                                          pv->peer_close_code);
+                               break;
+                       }
+               case SOUP_WEBSOCKET_CLOSE_SERVER_ERROR:
+                       if (pv->connection_type != SOUP_WEBSOCKET_CONNECTION_SERVER) {
+                               g_warning ("Wrong closing code %d received for a non server connection",
+                                          pv->peer_close_code);
+                               break;
+                       }
+               case SOUP_WEBSOCKET_CLOSE_NORMAL:
+               case SOUP_WEBSOCKET_CLOSE_GOING_AWAY:
+               case SOUP_WEBSOCKET_CLOSE_PROTOCOL_ERROR:
+               case SOUP_WEBSOCKET_CLOSE_UNSUPPORTED_DATA:
+               case SOUP_WEBSOCKET_CLOSE_BAD_DATA:
+               case SOUP_WEBSOCKET_CLOSE_POLICY_VIOLATION:
+               case SOUP_WEBSOCKET_CLOSE_TOO_BIG:
+                       /* Send back the response */
+                       soup_websocket_connection_close (self, pv->peer_close_code, NULL);
+                       break;
+               default:
+                       g_warning ("Wrong closing code %d received", pv->peer_close_code);
+               }
        }
 }

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]