New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
maxPayload crash: "this.onerror is not a function" in Receiver #680
Comments
@rkaw92 the socket is closed (line 849 in https://github.com/websockets/ws/blob/master/lib/WebSocket.js) after receiving a payload that exceeds the maxPayload (the assumption is a rogue client attempting a DOS) so it should be invalid after that. My guess is there is a race condition i.e. it receives another message before the cleanup is complete but after deleting the function. |
Doing a PR right now to fix |
@rkaw92 you may need to catch the 'not opened' error in thrown in lib/Websocket.js:218:5 to prevent a crash but this crash is expected behaviour.
|
Indeed, the fix does work. Apparently, the try {} catch block is also required around the server's .send() - otherwise an "Error: not opened" is thrown. |
The server code below can easily be crashed by sending a message that is over the size limit of 100 bytes (on master):
The output:
Specifically, I am using a very talkative test client, which keeps sending a 100KB-long "lorem ipsum" as fast as possible.
My guess is that lib/Receiver.js:122 is the part that deletes the function.
The text was updated successfully, but these errors were encountered: