On Tue, Sep 12, 2017 at 2:01 AM, Daniel P. Berrange
wrote:
The problem is in the qio_channel_websock_read_wire method we refuse
to read more than 4k into encinput. So if the ping payload is greater
than 4k this will just loop forever.
The RFC limits the payload length of
On Mon, Sep 11, 2017 at 10:43:21AM -0700, Brandon Carpenter wrote:
> On Mon, Sep 11, 2017 at 10:37 AM, Daniel P. Berrange
> wrote:
> > At the time qio_channel_websock_decode_header is run, 'encinput' is only
> > guaranteed to contain enough data to decode the header.
>
>
On Mon, Sep 11, 2017 at 12:04:15PM -0700, Brandon Carpenter wrote:
> On Mon, Sep 11, 2017 at 10:10 AM, Daniel P. Berrange
> wrote:
> > It feels like this is still dangerous - the client simply has to
> > interleave each "ping" with a 1 byte binary frame to get around this
> >
On Mon, Sep 11, 2017 at 10:10 AM, Daniel P. Berrange
wrote:
It feels like this is still dangerous - the client simply has to
interleave each "ping" with a 1 byte binary frame to get around this
limit. We need to make sure we have an absolute cap on the output
buffer size.
On Mon, Sep 11, 2017 at 10:37 AM, Daniel P. Berrange
wrote:
At the time qio_channel_websock_decode_header is run, 'encinput' is
only guaranteed to contain enough data to decode the header.
Because the PING opcode is a control frame, this bit of code earlier in
the
On Fri, Sep 08, 2017 at 10:38:01AM -0700, Brandon Carpenter wrote:
> Add an immediate ping reply (pong) to the outgoing stream when a ping
> is received. Unsolicited pongs are ignored.
>
> Signed-off-by: Brandon Carpenter
> ---
> io/channel-websock.c | 50
On Mon, Sep 11, 2017 at 10:03:35AM -0700, Brandon Carpenter wrote:
> On Mon, Sep 11, 2017 at 1:50 AM, Daniel P. Berrange
> wrote:
> > I'm concerned that there is no rate limiting here though, so if a large
> > number of PINGs are sent, and writing of the reply blocks for some
On Mon, Sep 11, 2017 at 1:50 AM, Daniel P. Berrange
wrote:
I'm concerned that there is no rate limiting here though, so if a
large number of PINGs are sent, and writing of the reply blocks for
some reason, encoutput will grow without bounds.
That is a good point. How
On Fri, Sep 08, 2017 at 10:38:01AM -0700, Brandon Carpenter wrote:
> Add an immediate ping reply (pong) to the outgoing stream when a ping
> is received. Unsolicited pongs are ignored.
>
> Signed-off-by: Brandon Carpenter
> ---
> io/channel-websock.c | 50
Add an immediate ping reply (pong) to the outgoing stream when a ping
is received. Unsolicited pongs are ignored.
Signed-off-by: Brandon Carpenter
---
io/channel-websock.c | 50 --
1 file changed, 32
10 matches
Mail list logo