Changeset 56380 in webkit


Ignore:
Timestamp:
Mar 22, 2010, 11:08:33 PM (14 years ago)
Author:
ukai@chromium.org
Message:

2010-03-19 Abhishek Arya <inferno@chromium.org>

Reviewed by Adam Barth.

https://bugs.webkit.org/show_bug.cgi?id=36339
This LayoutTest tests for webkit ability to process long invalid headers generated by misbehaving websockets servers.

  • websocket/tests/long-invalid-header-expected.txt: Added.
  • websocket/tests/long-invalid-header.html: Added.
  • websocket/tests/long-invalid-header_wsh.py: Added.
  • websocket/tests/script-tests/long-invalid-header.js: Added.

2010-03-19 Abhishek Arya <inferno@chromium.org>

Reviewed by Adam Barth.

https://bugs.webkit.org/show_bug.cgi?id=36339
Off-by-one memory corruption fix for long invalid websockets upgrade header

Test: websocket/tests/long-invalid-header.html

  • websockets/WebSocketHandshake.cpp: (WebCore::WebSocketHandshake::readServerHandshake):
Location:
trunk
Files:
4 added
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/LayoutTests/ChangeLog

    r56379 r56380  
     12010-03-19  Abhishek Arya  <inferno@chromium.org>
     2
     3        Reviewed by Adam Barth.
     4
     5        https://bugs.webkit.org/show_bug.cgi?id=36339
     6        This LayoutTest tests for webkit ability to process long invalid headers generated by misbehaving websockets servers.
     7
     8        * websocket/tests/long-invalid-header-expected.txt: Added.
     9        * websocket/tests/long-invalid-header.html: Added.
     10        * websocket/tests/long-invalid-header_wsh.py: Added.
     11        * websocket/tests/script-tests/long-invalid-header.js: Added.
     12
    1132010-03-22  David Kilzer  <ddkilzer@apple.com>
    214
  • trunk/WebCore/ChangeLog

    r56377 r56380  
     12010-03-19  Abhishek Arya  <inferno@chromium.org>
     2
     3        Reviewed by Adam Barth.
     4
     5        https://bugs.webkit.org/show_bug.cgi?id=36339
     6        Off-by-one memory corruption fix for long invalid websockets upgrade header
     7
     8        Test: websocket/tests/long-invalid-header.html
     9
     10        * websockets/WebSocketHandshake.cpp:
     11        (WebCore::WebSocketHandshake::readServerHandshake):
     12
    1132010-03-22  Fumitoshi Ukai  <ukai@chromium.org>
    214
  • trunk/WebCore/websockets/WebSocketHandshake.cpp

    r55570 r56380  
    259259    }
    260260    const char* p = header + sizeof(webSocketServerHandshakeHeader) - 1;
    261     const char* end = header + len + 1;
     261    const char* end = header + len;
    262262
    263263    if (m_mode == Normal) {
Note: See TracChangeset for help on using the changeset viewer.