You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
that can be used to sneak past the guard clause _rxbuf.size() < ws.header_size + ws.N check.
Should be a simple fix - either by adding a reasonable limit to the ws.N value or checking for overflow before doing the addition. According to the websocket spec "the most significant bit MUST be 0" so that is a safe and simple check to do.
The text was updated successfully, but these errors were encountered:
(quoting the email exchange with a reporter)
There is an integer overflow on the receiving frame size
IXWebSocket/ixwebsocket/IXWebSocketTransport.cpp
Line 545 in 0e9cf86
Should be a simple fix - either by adding a reasonable limit to the ws.N value or checking for overflow before doing the addition. According to the websocket spec "the most significant bit MUST be 0" so that is a safe and simple check to do.
The text was updated successfully, but these errors were encountered: