
Fixed websocket write memory overbounds when received data length is greater than the buffer length (default 64k) #582

Open
wants to merge 1 commit into base: master

Conversation

HelloWorldTY

Fixed websocket write memory overbounds when received data length is greater than the buffer length (default 64k).
Websocket memory overbounds occur when:

  1. the total websocket data length is more than the wsh->bbuffer length (in libs/sofia-sip/libsofia-sip-ua/tport/ws.c, src/mod/endpoints/mod_verto/ws.c)
  2. the websocket double header data plus the payload data length is more than wsh->bbuffer (in libs/sofia-sip/libsofia-sip-ua/tport/ws.c, src/mod/endpoints/mod_verto/ws.c) or wsh->buffer (in src/mod/xml_int/mod_xml_rpc/ws.c).
    The reason for both is a length error in the mask operation.

HelloWorldTY (Author)

When the websocket payload data length equals the buffer length, it also writes memory out of bounds, because ws_read_frame writes '\0' at the end of the data.

andywolk (Contributor)

Do you have a core dump of this?

andywolk self-requested a review April 26, 2020 17:35
andywolk added the label "Under investigation" (The issue is being investigated by the dev team) Apr 26, 2020
HelloWorldTY (Author) commented Apr 27, 2020

> Do you have a core dump of this?

I don't know whether you want the core dump file or a backtrace. But if you want to reproduce the bug, you can use a websocket to send 360190 bytes to mod_verto (default port 8081), and freeswitch receives signal SIGABRT, Aborted.
Sometimes the memory overrun is not long enough to cause an easily observed effect. So I used a lot of data to make it realloc multiple times and generate a signal. If you read the websocket code (ws.c), you will see that the length of the mask operation should be the length of the payload, and the buffer should reserve 1 byte for writing '\0' in our code.

The gdb output:
2020-04-27 09:12:12.697057 [DEBUG] mod_verto.c:4271 130.255.3.200:63760 Client Connect from 130.255.3.200:63760 accepted
2020-04-27 09:12:12.697057 [DEBUG] mod_verto.c:2019 130.255.3.200:63760 Starting client thread.
realloc(): invalid next size

Thread 46 "freeswitch" received signal SIGABRT, Aborted.
[Switching to Thread 0x7fffaa846700 (LWP 71223)]
0x00007ffff4f928df in raise () from /lib64/libc.so.6
(gdb) bt
#0 0x00007ffff4f928df in raise () from /lib64/libc.so.6
#1 0x00007ffff4f7ccf5 in abort () from /lib64/libc.so.6
#2 0x00007ffff4fd5c17 in __libc_message () from /lib64/libc.so.6
#3 0x00007ffff4fdc53c in malloc_printerr () from /lib64/libc.so.6
#4 0x00007ffff4fe034c in _int_realloc () from /lib64/libc.so.6
#5 0x00007ffff4fe14ab in realloc () from /lib64/libc.so.6
#6 0x00007fffd09baf45 in ws_read_frame (wsh=0x7fffd401aed0, oc=0x7fffaa845c98, data=0x7fffaa845c90) at ws.c:931
#7 0x00007fffd09aabc7 in client_run (jsock=0x7fffd401aeb8) at mod_verto.c:1899
#8 0x00007fffd09ab2a7 in client_thread (thread=0x7fffd4014f80, obj=0x7fffd401aeb8) at mod_verto.c:2022
#9 0x00007ffff7410c96 in switch_core_session_thread_pool_worker (thread=0x7fffd4014f80, obj=0x7fffd4014e10) at src/switch_core_session.c:1772
#10 0x00007ffff77683e1 in dummy_worker (opaque=0x7fffd4014f80) at threadproc/unix/thread.c:151
#11 0x00007ffff5a982de in start_thread () from /lib64/libpthread.so.0
#12 0x00007ffff5057133 in clone () from /lib64/libc.so.6
(gdb)
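To make the two conditions described in this PR concrete, below is a small stand-alone frame reader written for this discussion. It is not FreeSWITCH's ws.c and the names ws_buf_t, ws_buf_reserve, ws_read_masked_frame and ws_build_masked_frame are invented for the example; the frame layout follows RFC 6455 client-to-server framing. It goes slightly beyond the cases in the thread by handling the 7-bit, 16-bit and 64-bit length encodings, but the two points the PR makes are the same in every path: the unmask loop runs over exactly the payload length (not the buffer or header-plus-payload length), and the buffer is grown to payload length + 1 before the terminating '\0' is written, so a payload exactly equal to the current buffer size is still in bounds. Truncated or unmasked input is rejected instead of being read past the end.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Growable receive buffer (toy stand-in for wsh->buffer, not FreeSWITCH code). */
typedef struct {
    unsigned char *buffer;   /* unmasked payload, NUL-terminated after a read */
    size_t buflen;           /* bytes currently allocated */
} ws_buf_t;

/* Grow the buffer so it can hold `need` bytes. Returns 0 on success, -1 on OOM. */
static int ws_buf_reserve(ws_buf_t *b, size_t need)
{
    if (b->buflen >= need) return 0;
    unsigned char *p = realloc(b->buffer, need);
    if (!p) return -1;
    b->buffer = p;
    b->buflen = need;
    return 0;
}

/* Parse one masked frame from in[0..inlen). On success the unmasked payload is
   in b->buffer with a trailing '\0' and the payload length is returned.
   Returns -1 for unmasked, truncated or oversized frames, or on allocation failure. */
long ws_read_masked_frame(ws_buf_t *b, const unsigned char *in, size_t inlen)
{
    if (inlen < 2) return -1;
    if (!(in[1] & 0x80)) return -1;            /* client->server frames must be masked */
    uint64_t plen = in[1] & 0x7f;
    size_t pos = 2;
    if (plen == 126) {                         /* 16-bit extended length */
        if (inlen < pos + 2) return -1;
        plen = ((uint64_t)in[2] << 8) | in[3];
        pos += 2;
    } else if (plen == 127) {                  /* 64-bit extended length */
        if (inlen < pos + 8) return -1;
        plen = 0;
        for (int i = 0; i < 8; i++) plen = (plen << 8) | in[pos + i];
        pos += 8;
    }
    if (inlen < pos + 4) return -1;            /* masking key missing */
    const unsigned char *mask = in + pos;
    pos += 4;
    if (plen > inlen - pos) return -1;         /* declared payload exceeds what we received */
    if (plen > SIZE_MAX - 1) return -1;        /* plen + 1 must not wrap */

    /* Reserve payload + 1: the extra byte is for the terminating '\0'. */
    if (ws_buf_reserve(b, (size_t)plen + 1) != 0) return -1;

    /* Unmask exactly plen bytes; the loop bound is the payload length only. */
    for (size_t i = 0; i < plen; i++)
        b->buffer[i] = in[pos + i] ^ mask[i & 3];
    b->buffer[plen] = '\0';                    /* in bounds because of the +1 above */
    return (long)plen;
}

/* Build a masked text frame for test input (constructed data, payload < 64 KiB). */
size_t ws_build_masked_frame(unsigned char *out, size_t outcap,
                             const char *payload, size_t plen, const unsigned char mask[4])
{
    size_t hdr = 2 + (plen >= 126 ? 2 : 0) + 4;
    if (plen >= 65536 || outcap < hdr + plen) return 0;
    out[0] = 0x81;                             /* FIN + text opcode */
    size_t pos = 2;
    if (plen < 126) {
        out[1] = (unsigned char)(0x80 | plen);
    } else {
        out[1] = 0x80 | 126;
        out[2] = (unsigned char)(plen >> 8);
        out[3] = (unsigned char)(plen & 0xff);
        pos = 4;
    }
    memcpy(out + pos, mask, 4);
    pos += 4;
    for (size_t i = 0; i < plen; i++) out[pos + i] = (unsigned char)payload[i] ^ mask[i & 3];
    return pos + plen;
}

int main(void)
{
    const unsigned char mask[4] = { 0x12, 0x34, 0x56, 0x78 };   /* constructed key */
    unsigned char frame[512];
    ws_buf_t b = { NULL, 0 };
    size_t n = ws_build_masked_frame(frame, sizeof frame, "hello", 5, mask);
    long got = ws_read_masked_frame(&b, frame, n);
    printf("payload length %ld, buffer %zu bytes, text \"%s\"\n", got, b.buflen, b.buffer);
    free(b.buffer);
    return 0;
}
```

Running it stand-alone prints the 5-byte payload held in a 6-byte buffer; feeding the reader a frame whose declared length is one byte longer than the data received returns -1 rather than touching memory past the input.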

Labels: Under investigation (The issue is being investigated by the dev team)