rpms / libsoup

Clone
Source Code
GIT

Blame SOURCES/0002-WebSockets-allow-null-characters-in-text-messages-da.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-atomic-beta c7-beta c8 c8-beta c8s c9 c9-beta
  1.   c8
  2.   SOURCES
  3.   0002-WebSockets-allow-null-characters-in-text-messages-da.patch
Blob History Raw
9513f3 
From 109bb2f692c746bc63a0ade8737b584aecb0b1ad Mon Sep 17 00:00:00 2001
9513f3 
From: Carlos Garcia Campos <cgarcia@igalia.com>
9513f3 
Date: Thu, 27 Jun 2019 16:03:21 +0200
9513f3 
Subject: [PATCH] WebSockets: allow null characters in text messages data
9513f3
9513f3 
RFC 6455 says that text messages should contains valid UTF-8, and null
9513f3 
characters valid according to RFC 3629. However, we are using
9513f3 
g_utf8_validate(), which considers null characters as errors, to
9513f3 
validate WebSockets text messages. This patch adds an internal
9513f3 
utf8_validate() function based on g_utf8_validate() but allowing null
9513f3 
characters and just returning a gboolean since we are always ignoring
9513f3 
the end parameter in case of errors.
9513f3 
soup_websocket_connection_send_text() assumes the given text is null
9513f3 
terminated, so we need a new public function to allow sending text
9513f3 
messages containing null characters. This patch adds
9513f3 
soup_websocket_connection_send_message() that receives a
9513f3 
SoupWebsocketDataType and GBytes, which is consistent with
9513f3 
SoupWebsocketConnection::message signal.
9513f3
9513f3 
For RHEL backport, drop the addition of soup_websocket_connection_send_message()
9513f3 
as we don't need it and don't want to expose new API.
9513f3 
diff --git libsoup/soup-websocket-connection.c libsoup/soup-websocket-connection.c
9513f3 
index 66bd6871..67a98731 100644
9513f3 
--- a/libsoup/soup-websocket-connection.c
9513f3 
+++ b/libsoup/soup-websocket-connection.c
9513f3 
@@ -155,6 +155,82 @@
9513f3
9513f3 
 static void protocol_error_and_close (SoupWebsocketConnection *self);
9513f3
9513f3 
+/* Code below is based on g_utf8_validate() implementation,
9513f3 
+ * but handling NULL characters as valid, as expected by
9513f3 
+ * WebSockets and compliant with RFC 3629.
9513f3 
+ */
9513f3 
+#define VALIDATE_BYTE(mask, expect)                             \
9513f3 
+        G_STMT_START {                                          \
9513f3 
+          if (G_UNLIKELY((*(guchar *)p & (mask)) != (expect)))  \
9513f3 
+                  return FALSE;                                 \
9513f3 
+        } G_STMT_END
9513f3 
+
9513f3 
+/* see IETF RFC 3629 Section 4 */
9513f3 
+static gboolean
9513f3 
+utf8_validate (const char *str,
9513f3 
+               gsize max_len)
9513f3 
+
9513f3 
+{
9513f3 
+        const gchar *p;
9513f3 
+
9513f3 
+        for (p = str; ((p - str) < max_len); p++) {
9513f3 
+                if (*(guchar *)p < 128)
9513f3 
+                        /* done */;
9513f3 
+                else {
9513f3 
+                        if (*(guchar *)p < 0xe0) { /* 110xxxxx */
9513f3 
+                                if (G_UNLIKELY (max_len - (p - str) < 2))
9513f3 
+                                        return FALSE;
9513f3 
+
9513f3 
+                                if (G_UNLIKELY (*(guchar *)p < 0xc2))
9513f3 
+                                        return FALSE;
9513f3 
+                        } else {
9513f3 
+                                if (*(guchar *)p < 0xf0) { /* 1110xxxx */
9513f3 
+                                        if (G_UNLIKELY (max_len - (p - str) < 3))
9513f3 
+                                                return FALSE;
9513f3 
+
9513f3 
+                                        switch (*(guchar *)p++ & 0x0f) {
9513f3 
+                                        case 0:
9513f3 
+                                                VALIDATE_BYTE(0xe0, 0xa0); /* 0xa0 ... 0xbf */
9513f3 
+                                                break;
9513f3 
+                                        case 0x0d:
9513f3 
+                                                VALIDATE_BYTE(0xe0, 0x80); /* 0x80 ... 0x9f */
9513f3 
+                                                break;
9513f3 
+                                        default:
9513f3 
+                                                VALIDATE_BYTE(0xc0, 0x80); /* 10xxxxxx */
9513f3 
+                                        }
9513f3 
+                                } else if (*(guchar *)p < 0xf5) { /* 11110xxx excluding out-of-range */
9513f3 
+                                        if (G_UNLIKELY (max_len - (p - str) < 4))
9513f3 
+                                                return FALSE;
9513f3 
+
9513f3 
+                                        switch (*(guchar *)p++ & 0x07) {
9513f3 
+                                        case 0:
9513f3 
+                                                VALIDATE_BYTE(0xc0, 0x80); /* 10xxxxxx */
9513f3 
+                                                if (G_UNLIKELY((*(guchar *)p & 0x30) == 0))
9513f3 
+                                                        return FALSE;
9513f3 
+                                                break;
9513f3 
+                                        case 4:
9513f3 
+                                                VALIDATE_BYTE(0xf0, 0x80); /* 0x80 ... 0x8f */
9513f3 
+                                                break;
9513f3 
+                                        default:
9513f3 
+                                                VALIDATE_BYTE(0xc0, 0x80); /* 10xxxxxx */
9513f3 
+                                        }
9513f3 
+                                        p++;
9513f3 
+                                        VALIDATE_BYTE(0xc0, 0x80); /* 10xxxxxx */
9513f3 
+                                } else {
9513f3 
+                                        return FALSE;
9513f3 
+                                }
9513f3 
+                        }
9513f3 
+
9513f3 
+                        p++;
9513f3 
+                        VALIDATE_BYTE(0xc0, 0x80); /* 10xxxxxx */
9513f3 
+                }
9513f3 
+        }
9513f3 
+
9513f3 
+        return TRUE;
9513f3 
+}
9513f3 
+
9513f3 
+#undef VALIDATE_BYTE
9513f3 
+
9513f3 
 static void
9513f3 
 frame_free (gpointer data)
9513f3 
 {
9513f3 
@@ -629,7 +705,7 @@
9513f3 
 		data += 2;
9513f3 
 		len -= 2;
9513f3
9513f3 
-		if (!g_utf8_validate ((char *)data, len, NULL)) {
9513f3 
+		if (!utf8_validate ((const char *)data, len)) {
9513f3 
 			g_debug ("received non-UTF8 close data: %d '%.*s' %d", (int)len, (int)len, (char *)data, (int)data[0]);
9513f3 
 			protocol_error_and_close (self);
9513f3 
 			return;
9513f3 
@@ -777,9 +853,8 @@
9513f3 
 		/* Actually deliver the message? */
9513f3 
 		if (fin) {
9513f3 
 			if (pv->message_opcode == 0x01 &&
9513f3 
-			    !g_utf8_validate((char *)pv->message_data->data,
9513f3 
-			                     pv->message_data->len,
9513f3 
-			                     NULL)) {
9513f3 
+			    !utf8_validate((const char *)pv->message_data->data,
9513f3 
+					   pv->message_data->len)) {
9513f3
9513f3 
 				g_debug ("received invalid non-UTF8 text data");
9513f3
9513f3 
@@ -1699,7 +1774,9 @@
9513f3 
  * @self: the WebSocket
9513f3 
  * @text: the message contents
9513f3 
  *
9513f3 
- * Send a text (UTF-8) message to the peer.
9513f3 
+ * Send a %NULL-terminated text (UTF-8) message to the peer. If you need
9513f3 
+ * to send text messages containing %NULL characters use
9513f3 
+ * soup_websocket_connection_send_message() instead.
9513f3 
  *
9513f3 
  * The message is queued to be sent and will be sent when the main loop
9513f3 
  * is run.
9513f3 
@@ -1717,7 +1794,7 @@
9513f3 
 	g_return_if_fail (text != NULL);
9513f3
9513f3 
 	length = strlen (text);
9513f3 
-	g_return_if_fail (g_utf8_validate (text, length, NULL));
9513f3 
+        g_return_if_fail (utf8_validate (text, length));
9513f3
9513f3 
 	send_message (self, SOUP_WEBSOCKET_QUEUE_NORMAL, 0x01, (const guint8 *) text, length);
9513f3 
 }
9513f3 
--
9513f3 
2.26.2
9513f3

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation