[Libwebsockets] [libwebsockets] #55: IE11 Pong/Timeout on Close/Empty Payload

Trac trac at libwebsockets.org
Tue Feb 25 22:58:23 CET 2014


#55: IE11 Pong/Timeout on Close/Empty Payload
------------------------------------+-----------------
 Reporter:  rchavez                 |      Owner:
     Type:  defect                  |     Status:  new
 Priority:  minor                   |  Milestone:
Component:  libwebsocket test apps  |    Version:
 Keywords:                          |
------------------------------------+-----------------
 It seems the parsers.c logic does not handle empty payloads. This issue
 occurs when IE11 connects to the server and sends Pong frames about every
 30 seconds. The frame contains only 6 bytes used to specify the op code,
 payload length, and masking key. Once libwebsockets reads the last byte of
 the masking key, it goes into a state where it expects to read the
 payload. This means the next byte received will be treated as payload and
 not as the op code. At this point, the server fails to respond correctly
 to any message. This can also occur if there is no masking key sent, which
 the WebSocket protocol does not explicitly say is incorrect.

 In the code below, it might make sense to check the length of the payload
 and proceed to read the payload only if length is greater than 0. A
 similar check should also be done when reading the length has completed.

 {{{
 case LWS_RXPS_07_COLLECT_FRAME_KEY_4:
         wsi->frame_masking_nonce_04[3] = c;
         if (c)
                 wsi->all_zero_nonce = 0;
         wsi->lws_rx_parse_state =
                                 LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED;
         wsi->frame_mask_index = 0;
 }}}

--
Ticket URL: <http://libwebsockets.org/trac/libwebsockets/ticket/55>
libwebsockets <http://libwebsockets.org>
libwebsockets C library



More information about the Libwebsockets mailing list