Bug 32203 - Bad length parsing in WebSocket
Status: RESOLVED FIXED
Product: WebKit
Classification: Unclassified
Component: WebKit Misc.
Version: 528+ (Nightly build)
Hardware: All All
Importance: P2 Normal
Assignee: Nobody
Reported: 2009-12-06 17:12 PST by Fumitoshi Ukai
Modified: 2009-12-07 20:05 PST (History)

Attachments
Fix bad length parsing in WebSocket. (3.28 KB, patch)
2009-12-06 17:29 PST, Fumitoshi Ukai
Fix wrong length parsing in WebSocket. (3.65 KB, patch)
2009-12-06 23:21 PST, Fumitoshi Ukai
darin: review+

Description Fumitoshi Ukai 2009-12-06 17:12:38 PST
The WebSocket spec says "Frames denoted by bytes that have the high bit set (0x80 to 0xFF) have a leading length indicator, which is encoded as a series of 7-bit bytes stored in octets with the 8th bit being set for all but the last byte", but the current implementation doesn't count the last byte with the 8th bit off.
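
The length indicator described above, decoded in C++ as an added example (not WebKit's code and not the patch attached to this bug): `parseLength` counts the final byte, while `parseLengthDroppingLastByte` is a sketch of the reported defect. All names, the `kMaxFrameLength` cap and the sample bytes are assumptions made for the illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

enum class ParseStatus { Ok, NeedMoreData, TooLarge };

struct LengthResult {
    ParseStatus status;
    std::uint64_t length;  // decoded frame length, valid only when status == Ok
    std::size_t consumed;  // bytes examined in the length indicator
};

// Hypothetical cap for this example; it also keeps length * 128 far from wraparound.
constexpr std::uint64_t kMaxFrameLength = 1u << 20;

// Every byte contributes its low 7 bits, including the final byte (high bit clear).
LengthResult parseLength(const unsigned char* data, std::size_t size)
{
    std::uint64_t length = 0;
    for (std::size_t i = 0; i < size; ++i) {
        length = length * 128 + (data[i] & 0x7f);
        if (length > kMaxFrameLength)
            return {ParseStatus::TooLarge, 0, i + 1};
        if (!(data[i] & 0x80))
            return {ParseStatus::Ok, length, i + 1};
    }
    return {ParseStatus::NeedMoreData, 0, size};  // no terminating byte yet
}

// Sketch of the reported defect: continuation bytes are accumulated, but the
// terminating byte is skipped without adding its 7 bits.
LengthResult parseLengthDroppingLastByte(const unsigned char* data, std::size_t size)
{
    std::uint64_t length = 0;
    std::size_t i = 0;
    for (; i < size && (data[i] & 0x80); ++i)
        length = length * 128 + (data[i] & 0x7f);
    if (i == size)
        return {ParseStatus::NeedMoreData, 0, size};
    return {ParseStatus::Ok, length, i + 1};
}

int main()
{
    const unsigned char sample[] = {0x81, 0x01};  // constructed: 1*128+1 after the 0x80 frame byte
    std::printf("fixed=%llu dropped=%llu\n",
                static_cast<unsigned long long>(parseLength(sample, 2).length),
                static_cast<unsigned long long>(parseLengthDroppingLastByte(sample, 2).length));
}
```

With the defect, a receiver that trusts the decoded value skips 1 byte instead of 129 and then treats the rest of the frame's payload as new frames.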
Comment 1 Fumitoshi Ukai 2009-12-06 17:29:05 PST
Created attachment 44370
Fix bad length parsing in WebSocket.
Comment 2 WebKit Review Bot 2009-12-06 17:31:36 PST
style-queue ran check-webkit-style on attachment 44370 without any errors.
Comment 3 Alexey Proskuryakov 2009-12-06 22:59:23 PST
+                int c = *p;

Can "c" have a descriptive name?

-  msg += "\x80\x81\x81"
+  msg += "\x80\x81\x01"  # skip 1*128+1 bytes.
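
Review bot: the replacement in this test drops "\x80\x81\x81", the only input shown whose length bytes all have the high bit set, so the unterminated-length case stops being exercised by this line once it becomes "\x80\x81\x01". Keep the old input as its own case next to the new 1*128+1 one, so both the terminated and the unterminated encodings stay covered.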

ChangeLog should explain why changing an existing test is OK. It is not obvious why/if the bug it was originally created for is still tested.
Comment 4 Fumitoshi Ukai 2009-12-06 23:21:04 PST
Created attachment 44388
Fix wrong length parsing in WebSocket.
Comment 5 WebKit Review Bot 2009-12-06 23:22:18 PST
style-queue ran check-webkit-style on attachment 44388 without any errors.
Comment 6 Fumitoshi Ukai 2009-12-07 20:05:58 PST
Committed r51829: <http://trac.webkit.org/changeset/51829>