websocket

Commit Graph

Author	SHA1	Message	Date
re	9204c968d1	fix repos	2022-12-12 15:36:04 +03:00
Matt Silverlock	5b740c2926	Read Limit Fix (#537 ) This fix addresses a potential denial-of-service (DoS) vector that can cause an integer overflow in the presence of malicious WebSocket frames. The fix adds additional checks against the remaining bytes on a connection, as well as a test to prevent regression. Credit to Max Justicz (https://justi.cz/) for discovering and reporting this, as well as providing a robust PoC and review. * build: go.mod to go1.12 * bugfix: fix DoS vector caused by readLimit bypass * test: update TestReadLimit sub-test * bugfix: payload length 127 should read bytes as uint64 * bugfix: defend against readLength overflows	2019-08-24 18:17:28 -07:00
Saddam H	7c8e298727	Add support for go-module	2019-02-04 16:44:14 -08:00

Author

SHA1

Message

Date

9204c968d1

fix repos

2022-12-12 15:36:04 +03:00

Matt Silverlock

5b740c2926

Read Limit Fix (#537 )

This fix addresses a potential denial-of-service (DoS) vector that can cause an integer overflow in the presence of malicious WebSocket frames.

The fix adds additional checks against the remaining bytes on a connection, as well as a test to prevent regression.

Credit to Max Justicz (https://justi.cz/) for discovering and reporting this, as well as providing a robust PoC and review.

* build: go.mod to go1.12
* bugfix: fix DoS vector caused by readLimit bypass
* test: update TestReadLimit sub-test
* bugfix: payload length 127 should read bytes as uint64
* bugfix: defend against readLength overflows

2019-08-24 18:17:28 -07:00

Saddam H

7c8e298727

Add support for go-module

2019-02-04 16:44:14 -08:00

3 Commits