diff options
5 files changed, 45 insertions, 1 deletions
diff --git a/src/coreclr/src/debug/createdump/dumpwriter.cpp b/src/coreclr/src/debug/createdump/dumpwriter.cpp index 3c61aeb9e56..2abebb2e4f9 100644 --- a/src/coreclr/src/debug/createdump/dumpwriter.cpp +++ b/src/coreclr/src/debug/createdump/dumpwriter.cpp @@ -23,7 +23,7 @@ DumpWriter::~DumpWriter() bool DumpWriter::OpenDump(const char* dumpFileName) { - m_fd = open(dumpFileName, O_WRONLY|O_CREAT|O_TRUNC, 0664); + m_fd = open(dumpFileName, O_WRONLY|O_CREAT|O_TRUNC, S_IWUSR | S_IRUSR); if (m_fd == -1) { fprintf(stderr, "Could not open output %s: %d %s\n", dumpFileName, errno, strerror(errno)); diff --git a/src/libraries/Common/src/System/Net/WebSockets/ManagedWebSocket.cs b/src/libraries/Common/src/System/Net/WebSockets/ManagedWebSocket.cs index 38a83c25d15..c44a3ce0335 100644 --- a/src/libraries/Common/src/System/Net/WebSockets/ManagedWebSocket.cs +++ b/src/libraries/Common/src/System/Net/WebSockets/ManagedWebSocket.cs @@ -1020,6 +1020,14 @@ namespace System.Net.WebSockets return SR.net_Websockets_ReservedBitsSet; } + if (header.PayloadLength < 0) + { + // as per RFC, if payload length is a 64-bit integer, the most significant bit MUST be 0 + // frame-payload-length-63 = %x0000000000000000-7FFFFFFFFFFFFFFF; 64 bits in length + resultHeader = default; + return SR.net_Websockets_InvalidPayloadLength; + } + if (masked) { if (!_isServer) diff --git a/src/libraries/Common/tests/System/Net/WebSockets/WebSocketCreateTest.cs b/src/libraries/Common/tests/System/Net/WebSockets/WebSocketCreateTest.cs index f22a8add7d9..55c60e6e87c 100644 --- a/src/libraries/Common/tests/System/Net/WebSockets/WebSocketCreateTest.cs +++ b/src/libraries/Common/tests/System/Net/WebSockets/WebSocketCreateTest.cs @@ -147,6 +147,36 @@ namespace System.Net.WebSockets.Tests } } + [Theory] + [InlineData(new byte[] { 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }, false)] // max allowed value + [InlineData(new byte[] { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, true)] + public async Task ReceiveAsync_InvalidPayloadLength_AbortsAndThrowsException(byte[] lenBytes, bool shouldFail) + { + var frame = new byte[11]; + frame[0] = 0b1_000_0010; // FIN, RSV, OPCODE + frame[1] = 0b0_1111111; // MASK, PAYLOAD_LEN + Array.Copy(lenBytes, 0, frame, 2, lenBytes.Length); // EXTENDED_PAYLOAD_LEN + frame[10] = (byte)'a'; + + using var stream = new MemoryStream(frame, writable: true); + using WebSocket websocket = CreateFromStream(stream, false, null, Timeout.InfiniteTimeSpan); + + var buffer = new byte[1]; + Task<WebSocketReceiveResult> t = websocket.ReceiveAsync(new ArraySegment<byte>(buffer), CancellationToken.None); + if (shouldFail) + { + var exc = await Assert.ThrowsAsync<WebSocketException>(() => t); + Assert.Equal(WebSocketState.Aborted, websocket.State); + } + else + { + WebSocketReceiveResult result = await t; + Assert.False(result.EndOfMessage); + Assert.Equal(1, result.Count); + Assert.Equal('a', (char)buffer[0]); + } + } + [Fact] [PlatformSpecific(~TestPlatforms.Browser)] // System.Net.Sockets is not supported on this platform. [ActiveIssue("https://github.com/dotnet/runtime/issues/34690", TestPlatforms.Windows, TargetFrameworkMonikers.Netcoreapp, TestRuntimes.Mono)] diff --git a/src/libraries/System.Net.WebSockets.WebSocketProtocol/src/Resources/Strings.resx b/src/libraries/System.Net.WebSockets.WebSocketProtocol/src/Resources/Strings.resx index 1c8cf89eca5..2c51ebfef8a 100644 --- a/src/libraries/System.Net.WebSockets.WebSocketProtocol/src/Resources/Strings.resx +++ b/src/libraries/System.Net.WebSockets.WebSocketProtocol/src/Resources/Strings.resx @@ -111,4 +111,7 @@ <data name="net_Websockets_UnknownOpcode" xml:space="preserve"> <value>The WebSocket received a frame with an unknown opcode: '0x{0}'.</value> </data> + <data name="net_Websockets_InvalidPayloadLength" xml:space="preserve"> + <value>The WebSocket received a frame with an invalid payload length.</value> + </data> </root> diff --git a/src/libraries/System.Net.WebSockets/src/Resources/Strings.resx b/src/libraries/System.Net.WebSockets/src/Resources/Strings.resx index a4f630ea24c..7b09eddf32c 100644 --- a/src/libraries/System.Net.WebSockets/src/Resources/Strings.resx +++ b/src/libraries/System.Net.WebSockets/src/Resources/Strings.resx @@ -138,4 +138,7 @@ <data name="NotWriteableStream" xml:space="preserve"> <value>The base stream is not writeable.</value> </data> + <data name="net_Websockets_InvalidPayloadLength" xml:space="preserve"> + <value>The WebSocket received a frame with an invalid payload length.</value> + </data> </root> |