Re: [Qemu-devel] [PATCH v2 6/6] io: Reply to ping frames

2017-09-12 Thread Brandon Carpenter
On Tue, Sep 12, 2017 at 2:01 AM, Daniel P. Berrange wrote: The problem is in the qio_channel_websock_read_wire method we refuse to read more than 4k into encinput. So if the ping payload is greater than 4k this will just loop forever. The RFC limits the payload length of

Re: [Qemu-devel] [PATCH v2 6/6] io: Reply to ping frames

2017-09-12 Thread Daniel P. Berrange
On Mon, Sep 11, 2017 at 10:43:21AM -0700, Brandon Carpenter wrote: > On Mon, Sep 11, 2017 at 10:37 AM, Daniel P. Berrange > wrote: > > At the time qio_channel_websock_decode_header is run, 'encinput' is only > > guaranteed to contain enough data to decode the header. > >

Re: [Qemu-devel] [PATCH v2 6/6] io: Reply to ping frames

2017-09-12 Thread Daniel P. Berrange
On Mon, Sep 11, 2017 at 12:04:15PM -0700, Brandon Carpenter wrote: > On Mon, Sep 11, 2017 at 10:10 AM, Daniel P. Berrange > wrote: > > It feels like this is still dangerous - the client simply has to > > interleave each "ping" with a 1 byte binary frame to get around this > >

Re: [Qemu-devel] [PATCH v2 6/6] io: Reply to ping frames

2017-09-11 Thread Brandon Carpenter
On Mon, Sep 11, 2017 at 10:10 AM, Daniel P. Berrange wrote: It feels like this is still dangerous - the client simply has to interleave each "ping" with a 1 byte binary frame to get around this limit. We need to make sure we have an absolute cap on the output buffer size.

Re: [Qemu-devel] [PATCH v2 6/6] io: Reply to ping frames

2017-09-11 Thread Brandon Carpenter
On Mon, Sep 11, 2017 at 10:37 AM, Daniel P. Berrange wrote: At the time qio_channel_websock_decode_header is run, 'encinput' is only guaranteed to contain enough data to decode the header. Because the PING opcode is a control frame, this bit of code earlier in the

Re: [Qemu-devel] [PATCH v2 6/6] io: Reply to ping frames

2017-09-11 Thread Daniel P. Berrange
On Fri, Sep 08, 2017 at 10:38:01AM -0700, Brandon Carpenter wrote: > Add an immediate ping reply (pong) to the outgoing stream when a ping > is received. Unsolicited pongs are ignored. > > Signed-off-by: Brandon Carpenter > --- > io/channel-websock.c | 50

Re: [Qemu-devel] [PATCH v2 6/6] io: Reply to ping frames

2017-09-11 Thread Daniel P. Berrange
On Mon, Sep 11, 2017 at 10:03:35AM -0700, Brandon Carpenter wrote: > On Mon, Sep 11, 2017 at 1:50 AM, Daniel P. Berrange > wrote: > > I'm concerned that there is no rate limiting here though, so if a large > > number of PINGs are sent, and writing of the reply blocks for some

Re: [Qemu-devel] [PATCH v2 6/6] io: Reply to ping frames

2017-09-11 Thread Brandon Carpenter
On Mon, Sep 11, 2017 at 1:50 AM, Daniel P. Berrange wrote: I'm concerned that there is no rate limiting here though, so if a large number of PINGs are sent, and writing of the reply blocks for some reason, encoutput will grow without bounds. That is a good point. How

Re: [Qemu-devel] [PATCH v2 6/6] io: Reply to ping frames

2017-09-11 Thread Daniel P. Berrange
On Fri, Sep 08, 2017 at 10:38:01AM -0700, Brandon Carpenter wrote: > Add an immediate ping reply (pong) to the outgoing stream when a ping > is received. Unsolicited pongs are ignored. > > Signed-off-by: Brandon Carpenter > --- > io/channel-websock.c | 50

[Qemu-devel] [PATCH v2 6/6] io: Reply to ping frames

2017-09-08 Thread Brandon Carpenter
Add an immediate ping reply (pong) to the outgoing stream when a ping is received. Unsolicited pongs are ignored. Signed-off-by: Brandon Carpenter --- io/channel-websock.c | 50 -- 1 file changed, 32