Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fix bug #128.

  • Loading branch information...
commit 18c0f5307bd5f169d8770ba06c56cfddd84d0074 1 parent fb4df1f
Ahti Legonkov authored
Showing with 13 additions and 5 deletions.
  1. +13 −5 src/yaws_websockets.erl
18 src/yaws_websockets.erl
View
@@ -461,7 +461,7 @@ ws_frame_info(#ws_state{sock=Socket},
case check_control_frame(Len1, Opcode, Fin) of
ok ->
{ws_frame_info_secondary, Length, MaskingKey, Payload, Excess}
- = ws_frame_info_secondary(Socket, Len1, Rest),
+ = ws_frame_info_secondary(Socket, Masked, Len1, Rest),
FrameInfo = #ws_frame_info{fin=Fin,
rsv=Rsv,
opcode=opcode_to_atom(Opcode),
@@ -477,16 +477,21 @@ ws_frame_info(#ws_state{sock=Socket},
ws_frame_info(State = #ws_state{sock=Socket}, FirstPacket) ->
ws_frame_info(State, buffer(Socket, 2,FirstPacket)).
-ws_frame_info_secondary(Socket, Len1, Rest) ->
+
+ws_frame_info_secondary(Socket, Masked, Len1, Rest) ->
+ MaskLength = case Masked of
+ 0 -> 0;
+ 1 -> 4
+ end,
case Len1 of
126 ->
- <<Len:16, MaskingKey:4/binary, Rest2/binary>> =
+ <<Len:16, MaskingKey:MaskLength/binary, Rest2/binary>> =
buffer(Socket, 6, Rest);
127 ->
- <<Len:64, MaskingKey:4/binary, Rest2/binary>> =
+ <<Len:64, MaskingKey:MaskLength/binary, Rest2/binary>> =
buffer(Socket, 12, Rest);
Len ->
- <<MaskingKey:4/binary, Rest2/binary>> = buffer(Socket, 4, Rest)
+ <<MaskingKey:MaskLength/binary, Rest2/binary>> = buffer(Socket, 4, Rest)
end,
if
Len > ?MAX_PAYLOAD ->
@@ -650,6 +655,9 @@ mask(MaskBin, Data) ->
rmask(_,<<>>) ->
[<<>>];
+rmask(<<>>, Data) ->
+ [Data];
+
rmask(MaskBin = <<Mask:4/integer-unit:8>>,
<<Data:4/integer-unit:8, Rest/binary>>) ->
Masked = Mask bxor Data,

4 comments on commit 18c0f53

Steve Vinoski

Do you have a test case we can add to the test suite to prevent regressions on this bug?

Ahti Legonkov
Owner

No, but I could make one. Where should that test be? Is file t2/app_test.erl and function test_websocket/0 a good place?

Steve Vinoski

Yes, t2/app_test.erl, function test_websocket/0.

Steve Vinoski

Meanwhile, I ran the autobahn fuzzingclient tests with your changes and it doesn't break anything. That's good. :)

Please sign in to comment.
Something went wrong with that request. Please try again.