Details
Type: Security
Status: Closed
Severity: Blocker
Resolution: Fixed
Affects Version/s: 15.2.0
Component/s: Resources/res_http_websocket
Labels:
Description
In ast_websocket_read() we don't adequately check that payload_len is > 0 before calling ws_safe_read(). Calling ws_safe_read with a len argument of 0 will result in a busy loop until the underlying socket is closed.
This issue has been automatically restricted and set to a blocker due to being a security type issue. If this is not a security vulnerability issue it will be moved to the appropriate issue type when triaged.
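One way to apply the check described above, as an added example that is not Asterisk's code: a read-exactly helper that refuses a zero length, and a frame reader that skips the payload read when the header announces an empty payload. The names `safe_read_exact`, `read_small_frame` and `demo_frame` are hypothetical, and the sketch assumes unmasked frames with 7-bit lengths fed from constructed bytes over a socketpair.

```c
#include <errno.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical "read exactly len bytes" helper; a stand-in, not Asterisk's code. */
static int safe_read_exact(int fd, unsigned char *buf, size_t len)
{
    if (len == 0) {              /* nothing to read: fail fast instead of looping */
        errno = EINVAL;
        return -1;
    }
    while (len > 0) {
        ssize_t n = read(fd, buf, len);
        if (n == 0) return -1;                   /* peer closed mid-frame */
        if (n < 0) { if (errno == EINTR) continue; return -1; }
        buf += n;
        len -= (size_t)n;
    }
    return 0;
}

/* Reads one unmasked frame with a 7-bit length; returns payload length or -1. */
static int read_small_frame(int fd, unsigned char *payload, size_t cap)
{
    unsigned char hdr[2];
    if (safe_read_exact(fd, hdr, sizeof(hdr)) < 0) return -1;
    size_t payload_len = hdr[1] & 0x7f;
    if (payload_len >= 126 || payload_len > cap) return -1;  /* extended lengths not modelled */
    if (payload_len == 0) return 0;      /* empty frame: never call the reader with len 0 */
    if (safe_read_exact(fd, payload, payload_len) < 0) return -1;
    return (int)payload_len;
}

/* Feeds constructed frame bytes through a socketpair; returns the parsed length. */
static int demo_frame(const unsigned char *bytes, size_t n)
{
    int sv[2]; unsigned char payload[125];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return -2;
    ssize_t w = write(sv[0], bytes, n);
    close(sv[0]);                        /* reader sees EOF after the queued bytes */
    int rc = (w == (ssize_t)n) ? read_small_frame(sv[1], payload, sizeof(payload)) : -2;
    close(sv[1]);
    return rc;
}

int main(void)
{
    const unsigned char empty[] = { 0x81, 0x00 };   /* constructed: FIN+text, length 0 */
    return demo_frame(empty, sizeof(empty)) == 0 ? 0 : 1;
}
```

The guard appears twice on purpose: the caller avoids the call for an empty payload, and the helper still rejects a zero length if another caller forgets.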