Bug 30668

Summary: WebSocket frame parse error when high order bit of frame_type is on.
Product: WebKit
Reporter: Fumitoshi Ukai <ukai>
Component: WebKit Misc.
Assignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal    
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: PC   
OS: All   
Attachments:
Description | Flags
Fix WebSocket frame parser of frame_type with high-order bit set. | none
Fix WebSocket frame parser of frame_type with high-order bit set. | none
Fix WebSocket frame parser of frame_type with high-order bit set. | ap: review+

Description Fumitoshi Ukai 2009-10-22 01:41:13 PDT
When the high-order bit of frame_type is on, it gets the length and tries skipping.
However, if it has a short buffer, it fails to skip the length.
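
The short-buffer case described above, as an added example that is not the WebKit patch or code from this bug. It assumes the framing of the draft WebSocket protocol of that period (a frame type with the high-order bit set is followed by a length in 7-bit groups with a continuation bit, then that many bytes to discard; other frames are text terminated by 0xFF); `parseFrame`, `ParseResult` and `kMaxSkipLength` are hypothetical names.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

using Bytes = std::vector<std::uint8_t>;
enum class ParseResult { NeedMoreData, TextFrame, SkippedFrame, Error };

// Assumed cap on a skipped frame's declared length (hypothetical value).
const std::size_t kMaxSkipLength = 1u << 20;

// Parses one frame from the front of buf. Bytes are consumed only when the
// whole frame is present; otherwise buf is left untouched for the next read.
ParseResult parseFrame(Bytes& buf, std::string& text) {
    if (buf.empty()) return ParseResult::NeedMoreData;
    std::size_t pos = 1;
    if (buf[0] & 0x80) {  // high-order bit set: length-prefixed frame to skip
        std::size_t length = 0;
        for (;;) {
            if (pos >= buf.size()) return ParseResult::NeedMoreData;  // length bytes cut off
            const std::uint8_t b = buf[pos++];
            length = (length << 7) | (b & 0x7F);
            if (length > kMaxSkipLength) return ParseResult::Error;  // also prevents overflow
            if (!(b & 0x80)) break;  // last length byte
        }
        if (buf.size() - pos < length) return ParseResult::NeedMoreData;  // payload cut off
        buf.erase(buf.begin(), buf.begin() + pos + length);
        return ParseResult::SkippedFrame;
    }
    for (; pos < buf.size(); ++pos) {  // text frame: data up to the 0xFF terminator
        if (buf[pos] == 0xFF) {
            text.assign(buf.begin() + 1, buf.begin() + pos);
            buf.erase(buf.begin(), buf.begin() + pos + 1);
            return ParseResult::TextFrame;
        }
    }
    return ParseResult::NeedMoreData;
}

int main() {
    Bytes buf = {0x80, 0x03, 'a', 'b'};  // constructed: declares 3 bytes, only 2 arrived
    std::string text;
    std::printf("short buffer -> %d\n", static_cast<int>(parseFrame(buf, text)));
    const Bytes rest = {'c', 0x00, 'h', 'i', 0xFF};  // constructed: remainder + text frame
    buf.insert(buf.end(), rest.begin(), rest.end());
    std::printf("after more data -> %d\n", static_cast<int>(parseFrame(buf, text)));
    const ParseResult next = parseFrame(buf, text);
    std::printf("next -> %d text=%s\n", static_cast<int>(next), text.c_str());
    return 0;
}
```
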
Comment 1 Fumitoshi Ukai 2009-10-22 01:49:54 PDT
Created attachment 41647 [details]
Fix WebSocket frame parser of frame_type with high-order bit set.
Comment 2 Eric Seidel (no email) 2009-10-22 10:43:39 PDT
Comment on attachment 41647 [details]
Fix WebSocket frame parser of frame_type with high-order bit set.

Why can't we land tests now and just skip them? It's difficult for me to tell what this is doing just from reading the code.
Comment 3 David Levin 2009-10-30 12:12:05 PDT
Comment on attachment 41647 [details]
Fix WebSocket frame parser of frame_type with high-order bit set.

r- per Eric's comment. Needs a layout test even if it is disabled.
Comment 4 Fumitoshi Ukai 2009-11-04 01:53:10 PST
Created attachment 42466 [details]
Fix WebSocket frame parser of frame_type with high-order bit set.
Comment 5 David Levin 2009-11-11 01:20:02 PST
Comment on attachment 42466 [details]
Fix WebSocket frame parser of frame_type with high-order bit set.

I haven't reviewed it completely -- at first glance it looks good.

Unfortunately, I'm fairly certain this patch needs to be updated since Yuzo changed some of the same files in a similar manner, so this patch has conflicts now. r- for that.
Comment 6 Fumitoshi Ukai 2009-11-11 02:07:41 PST
Created attachment 42941 [details]
Fix WebSocket frame parser of frame_type with high-order bit set.
Comment 7 Alexey Proskuryakov 2009-11-11 18:57:50 PST
Comment on attachment 42941 [details]
Fix WebSocket frame parser of frame_type with high-order bit set.

+        ():

Please remove such artifacts from ChangeLogs.

+setTimeout("finish()", 2000);

My understanding is that this will not happen in normal case - is that correct?

r=me
Comment 8 Fumitoshi Ukai 2009-11-11 20:18:46 PST
Committed r50862: <http://trac.webkit.org/changeset/50862>
Comment 9 Fumitoshi Ukai 2009-11-11 20:26:11 PST
(In reply to comment #7)
> (From update of attachment 42941 [details])
> +        ():
> 
> Please remove such artifacts from ChangeLogs.
> 
> +setTimeout("finish()", 2000);
> 
> My understanding is that this will not happen in normal case - is that correct?

Yes. In the normal case, onclose() will be called soon and finish the test.