[Libwebsockets] [libwebsockets] #13: Client receive buffer overflow

Trac trac at libwebsockets.org
Thu Feb 14 03:36:25 CET 2013

#13: Client receive buffer overflow
  Reporter:  dbrnz                  |      Owner:  agreen
      Type:  defect                 |     Status:  closed
  Priority:  major                  |  Milestone:
 Component:  libwebsockets library  |    Version:
Resolution:  fixed                  |   Keywords:
Changes (by agreen):

 * status:  new => closed
 * resolution:   => fixed


 Yes... if you don't define an appropriate frame buffer for your protocol
 using rx_buffer_size, it does check the length but checks against
 rx_buffer_size, which is 0, ie, no real check happens.

 I audited all the references to rx_buffer_size and found the same issue on
 server rx path.

 I patched both here


 and tagged it as v1.21-chrome26-firefox18

 Thanks a lot for the report.

Ticket URL: <http://libwebsockets.org/trac/ticket/13#comment:1>
libwebsockets <http://libwebsockets.org>
libwebsockets C library

More information about the Libwebsockets mailing list