| Summary: | ASTERISK-21825: [patch] websocket segmentation fault on certain invalid input | ||
| Reporter: | Alfred Farrugia (blackaura) | Labels: | |
| Date Opened: | 2013-05-27 12:55:03 | Date Closed: | 2013-06-12 16:02:01 |
| Priority: | Critical | Regression? | No |
| Status: | Closed/Complete | Components: | Resources/res_http_websocket |
| Versions: | 11.3.0 11.4.0 | Frequency of Occurrence | Constant |
| Related Issues: | |||
| Environment: | Ubuntu 12.10 x86_64 | Attachments: | ( 0) backtrace.txt ( 1) issueA21825_check_if_key_is_sent.patch |
| Description: | Asterisk crashes when an invalid websocket request is performed, for example:
python -c "print 'GET /ws HTTP/1.1\r\nHost: localhost:8088\r\nUpgrade: websocket\r\nConnection: Upgrade\r\nSec-WebSocket-Key: \x02\r\nSec-WebSocket-Protocol: sip\r\nSec-WebSocket-Version: 7, 8, 13\r\nOrigin: http://example.com\r\n\r\n'" | nc localhost 8088 ie: passing \x00 as the websocket key crashes and produces the attached backtrace | ||
| Comments: | By: Michael L. Young (elguero) 2013-05-28 10:57:53.435-0500 Alfred, The License Agreement is only for submitting code. You don't need the license agreement for submitting a back trace. By: Alfred Farrugia (blackaura) 2013-05-28 12:36:16.602-0500 backtrace By: Walter Doekes (wdoekes) 2013-05-29 07:41:14.060-0500 Try this. Compile tested only. By: Alfred Farrugia (blackaura) 2013-05-29 13:33:03.777-0500 tested and works well now. | ||