* Add a Max Payload size property to the Websocket Server Handler. If you would like to restrict the maximum packet size, (and therefore protect against Memory DOSing) then you should set this. I defaulted it to 40MB. This means that in theory, a malicious user could connect and send a packet that claims that the payload is up to 40 mb (even if it doesn't actually turn out to be 40mb. More testing needs to be done on it where the packets are maliciously malformed.
teravus
parent
7556b42d7a
commit
69fbcdf14c
|
|
@ -108,6 +108,7 @@ namespace OpenSim.Framework.Servers.HttpServer
|
|||
private int _bufferLength;
|
||||
private bool _closing;
|
||||
private bool _upgraded;
|
||||
private int _maxPayloadBytes = 41943040;
|
||||
|
||||
private const string HandshakeAcceptText =
|
||||
"HTTP/1.1 101 Switching Protocols\r\n" +
|
||||
|
|
@ -195,6 +196,15 @@ namespace OpenSim.Framework.Servers.HttpServer
|
|||
HandshakeAndUpgrade();
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Max Payload Size in bytes. Defaults to 40MB, but could be set upon connection before calling handshake and upgrade.
|
||||
/// </summary>
|
||||
public int MaxPayloadSize
|
||||
{
|
||||
get { return _maxPayloadBytes; }
|
||||
set { _maxPayloadBytes = value; }
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// This triggers the websocket start the upgrade process
|
||||
/// </summary>
|
||||
|
|
@ -367,7 +377,12 @@ namespace OpenSim.Framework.Servers.HttpServer
|
|||
if (headerread)
|
||||
{
|
||||
_socketState.FrameComplete = false;
|
||||
|
||||
if (pheader.PayloadLen > (ulong) _maxPayloadBytes)
|
||||
{
|
||||
Close("Invalid Payload size");
|
||||
|
||||
return;
|
||||
}
|
||||
if (pheader.PayloadLen > 0)
|
||||
{
|
||||
if ((int) pheader.PayloadLen > _bufferPosition - offset)
|
||||
|
|
|
|||
Loading…
Reference in New Issue