Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

Use error events for malformed input #27

Merged
merged 2 commits into from

3 participants

@sorear

The context here is that I've written a node server which uses BinaryJS, and I don't want users to be able to remotely kill the server by sending bogus data, at least not easily.

@orefalo

This is great!

@ericz ericz merged commit 5a9eaf2 into binaryjs:master
@ericz
Owner

Awesome commit, thanks!

@ericz
Owner

sorry that took so long, i've been preoccupied with a particularly busy semester in college.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
This page is out of date. Refresh to see the latest.
Showing with 20 additions and 8 deletions.
  1. +20 −8 lib/client.js
View
28 lib/client.js
@@ -78,8 +78,20 @@ function BinaryClient(socket, options) {
data = data.data;
-
- data = util.unpack(data);
+ try {
+ data = util.unpack(data);
+ } catch (ex) {
+ return self.emit('error', new Error('Received unparsable message: ' + ex));
+ }
+ if (!(data instanceof Array))
+ return self.emit('error', new Error('Received non-array message'));
+ if (data.length != 3)
+ return self.emit('error', new Error('Received message with wrong part count: ' + data.length));
+ if ('number' != typeof data[0])
+ return self.emit('error', new Error('Received message with non-number type: ' + data[0]));
+ if ('number' != typeof data[2])
+ return self.emit('error', new Error('Received message with non-number streamId: ' + data[2]));
+
switch(data[0]) {
case 0:
// Reserved
@@ -97,7 +109,7 @@ function BinaryClient(socket, options) {
if(binaryStream) {
binaryStream._onData(payload);
} else {
- self.emit('error', 'Received `data` message for unknown stream: ' + streamId);
+ self.emit('error', new Error('Received `data` message for unknown stream: ' + streamId));
}
break;
case 3:
@@ -106,7 +118,7 @@ function BinaryClient(socket, options) {
if(binaryStream) {
binaryStream._onPause();
} else {
- self.emit('error', 'Received `pause` message for unknown stream: ' + streamId);
+ self.emit('error', new Error('Received `pause` message for unknown stream: ' + streamId));
}
break;
case 4:
@@ -115,7 +127,7 @@ function BinaryClient(socket, options) {
if(binaryStream) {
binaryStream._onResume();
} else {
- self.emit('error', 'Received `resume` message for unknown stream: ' + streamId);
+ self.emit('error', new Error('Received `resume` message for unknown stream: ' + streamId));
}
break;
case 5:
@@ -124,7 +136,7 @@ function BinaryClient(socket, options) {
if(binaryStream) {
binaryStream._onEnd();
} else {
- self.emit('error', 'Received `end` message for unknown stream: ' + streamId);
+ self.emit('error', new Error('Received `end` message for unknown stream: ' + streamId));
}
break;
case 6:
@@ -133,11 +145,11 @@ function BinaryClient(socket, options) {
if(binaryStream) {
binaryStream._onClose();
} else {
- self.emit('error', 'Received `close` message for unknown stream: ' + streamId);
+ self.emit('error', new Error('Received `close` message for unknown stream: ' + streamId));
}
break;
default:
- self.emit('error', 'Unrecognized message type received: ' + data[0]);
+ self.emit('error', new Error('Unrecognized message type received: ' + data[0]));
}
});
});
Something went wrong with that request. Please try again.