You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently on go1.4.2 windows/amd64, hybiFrameHeader uses int64 for the length of the packet. If a header size is greater than int64 the length will become negative. This causes the data in the packet to become the header of the next packet.
Per the RFC specs the length should be uint64 or the websocket library should check for overflows.
The text was updated successfully, but these errors were encountered:
mikioh
changed the title
golang.org/x/net/websocket: Integer overflow on hybiFrameHeader Length
x/net/websocket: Integer overflow on hybiFrameHeader Length
Aug 3, 2015
Payload length: 7 bits, 7+16 bits, or 7+64 bits
The length of the "Payload data", in bytes: ... (snip)
following 8 bytes interpreted as a 64-bit unsigned integer (the
most significant bit MUST be 0) are the payload length.
Currently on go1.4.2 windows/amd64, hybiFrameHeader uses int64 for the length of the packet. If a header size is greater than int64 the length will become negative. This causes the data in the packet to become the header of the next packet.
Per the RFC specs the length should be uint64 or the websocket library should check for overflows.
The text was updated successfully, but these errors were encountered: