aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
authorteravus2013-03-05 00:04:09 -0500
committerteravus2013-03-05 00:04:09 -0500
commit69fbcdf14c00fc882477b18af962a932db0d54ee (patch)
tree9eb27654259d0c4c3ff254b4ad5c51bdd6db75eb
parent* Update LibOMV to f8f8e616b37a7ea22b7922b2331999bc06725bf9 (diff)
downloadopensim-SC_OLD-69fbcdf14c00fc882477b18af962a932db0d54ee.zip
opensim-SC_OLD-69fbcdf14c00fc882477b18af962a932db0d54ee.tar.gz
opensim-SC_OLD-69fbcdf14c00fc882477b18af962a932db0d54ee.tar.bz2
opensim-SC_OLD-69fbcdf14c00fc882477b18af962a932db0d54ee.tar.xz
* Add a Max Payload size property to the Websocket Server Handler. If you would like to restrict the maximum packet size, (and therefore protect against Memory DOSing) then you should set this. I defaulted it to 40MB. This means that in theory, a malicious user could connect and send a packet that claims that the payload is up to 40 mb (even if it doesn't actually turn out to be 40mb. More testing needs to be done on it where the packets are maliciously malformed.
-rw-r--r--OpenSim/Framework/Servers/HttpServer/WebsocketServerHandler.cs17
1 files changed, 16 insertions, 1 deletions
diff --git a/OpenSim/Framework/Servers/HttpServer/WebsocketServerHandler.cs b/OpenSim/Framework/Servers/HttpServer/WebsocketServerHandler.cs
index bb8825b..ee96b47 100644
--- a/OpenSim/Framework/Servers/HttpServer/WebsocketServerHandler.cs
+++ b/OpenSim/Framework/Servers/HttpServer/WebsocketServerHandler.cs
@@ -108,6 +108,7 @@ namespace OpenSim.Framework.Servers.HttpServer
108 private int _bufferLength; 108 private int _bufferLength;
109 private bool _closing; 109 private bool _closing;
110 private bool _upgraded; 110 private bool _upgraded;
111 private int _maxPayloadBytes = 41943040;
111 112
112 private const string HandshakeAcceptText = 113 private const string HandshakeAcceptText =
113 "HTTP/1.1 101 Switching Protocols\r\n" + 114 "HTTP/1.1 101 Switching Protocols\r\n" +
@@ -196,6 +197,15 @@ namespace OpenSim.Framework.Servers.HttpServer
196 } 197 }
197 198
198 /// <summary> 199 /// <summary>
200 /// Max Payload Size in bytes. Defaults to 40MB, but could be set upon connection before calling handshake and upgrade.
201 /// </summary>
202 public int MaxPayloadSize
203 {
204 get { return _maxPayloadBytes; }
205 set { _maxPayloadBytes = value; }
206 }
207
208 /// <summary>
199 /// This triggers the websocket start the upgrade process 209 /// This triggers the websocket start the upgrade process
200 /// </summary> 210 /// </summary>
201 public void HandshakeAndUpgrade() 211 public void HandshakeAndUpgrade()
@@ -367,7 +377,12 @@ namespace OpenSim.Framework.Servers.HttpServer
367 if (headerread) 377 if (headerread)
368 { 378 {
369 _socketState.FrameComplete = false; 379 _socketState.FrameComplete = false;
370 380 if (pheader.PayloadLen > (ulong) _maxPayloadBytes)
381 {
382 Close("Invalid Payload size");
383
384 return;
385 }
371 if (pheader.PayloadLen > 0) 386 if (pheader.PayloadLen > 0)
372 { 387 {
373 if ((int) pheader.PayloadLen > _bufferPosition - offset) 388 if ((int) pheader.PayloadLen > _bufferPosition - offset)