diff options
author | Kevin Harwell <kharwell@digium.com> | 2014-06-16 16:22:33 +0000 |
---|---|---|
committer | Kevin Harwell <kharwell@digium.com> | 2014-06-16 16:22:33 +0000 |
commit | bd0aa4fb04afe0d91b5fac2fc697fafd644cc907 (patch) | |
tree | 43dd06d444f6725302ed3333c98a451e9c8e9602 /res/res_http_websocket.c | |
parent | a1e0a5e4b07387bcc59afa7c0ab9f960a389ac15 (diff) |
res_http_websocket: read/write string fixup
There was a problem when reading a string from the websocket. It assumed the
received data had a null terminator and tried to write the data to an ast_str.
This of course could/would read past the end of the given buffer while
writing the data to the internal buffer of ast_str. Modified the the code to
correctly place a null terminator on the result string.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@416394 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Diffstat (limited to 'res/res_http_websocket.c')
-rw-r--r-- | res/res_http_websocket.c | 25 |
1 files changed, 13 insertions, 12 deletions
diff --git a/res/res_http_websocket.c b/res/res_http_websocket.c index 744521507..07fcd9e2e 100644 --- a/res/res_http_websocket.c +++ b/res/res_http_websocket.c @@ -497,7 +497,6 @@ int AST_OPTIONAL_API_NAME(ast_websocket_read)(struct ast_websocket *session, cha if (ws_safe_read(session, (*payload), (*payload_len), opcode)) { return 0; } - /* If a mask is present unmask the payload */ if (mask_present) { unsigned int pos; @@ -1199,19 +1198,13 @@ struct ast_websocket *AST_OPTIONAL_API_NAME(ast_websocket_client_create) } int AST_OPTIONAL_API_NAME(ast_websocket_read_string) - (struct ast_websocket *ws, struct ast_str **buf) + (struct ast_websocket *ws, char **buf) { char *payload; uint64_t payload_len; enum ast_websocket_opcode opcode; int fragmented = 1; - if (!*buf && !(*buf = ast_str_create(512))) { - ast_log(LOG_ERROR, "Client Websocket string read - " - "Unable to allocate string buffer"); - return -1; - } - while (fragmented) { if (ast_websocket_read(ws, &payload, &payload_len, &opcode, &fragmented)) { @@ -1220,6 +1213,10 @@ int AST_OPTIONAL_API_NAME(ast_websocket_read_string) return -1; } + if (opcode == AST_WEBSOCKET_OPCODE_CONTINUATION) { + continue; + } + if (opcode == AST_WEBSOCKET_OPCODE_CLOSE) { return -1; } @@ -1229,17 +1226,21 @@ int AST_OPTIONAL_API_NAME(ast_websocket_read_string) "non string data received\n"); return -1; } + } - ast_str_append(buf, 0, "%s", payload); + if (!(*buf = ast_malloc(payload_len + 1))) { + return -1; } - return ast_str_size(*buf); + + ast_copy_string(*buf, payload, payload_len + 1); + return payload_len + 1; } int AST_OPTIONAL_API_NAME(ast_websocket_write_string) - (struct ast_websocket *ws, const struct ast_str *buf) + (struct ast_websocket *ws, const char *buf) { return ast_websocket_write(ws, AST_WEBSOCKET_OPCODE_TEXT, - ast_str_buffer(buf), ast_str_strlen(buf)); + (char *)buf, strlen(buf)); } static int load_module(void) |