New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
avoid parsing whitespace as invalid JSON #3208
Conversation
CLA signed |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the patch, Hristo! I've added a note inline.
@@ -1347,6 +1347,9 @@ static int janus_websockets_common_callback( | |||
incoming_curr += error.position; | |||
JANUS_LOG(LOG_HUGE, "[%s-%p] Parsed JSON message - consumed %zu/%zu bytes\n", | |||
log_prefix, wsi, (size_t)(incoming_curr - ws_client->incoming), incoming_length); | |||
/* Trailing whitespace after the last message results in invalid JSON error */ | |||
while isspace(*incoming_curr) | |||
incoming_curr++; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This sounds like a dangerous check to me, though, since it's increasing the pointer and dereferencing it without ever checking if it got to the end and beyond (i.e., after incoming_end
). This will crash if incoming_curr
leaves the boundaries of the allocated space.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I considered this for a moment, but couldn't see how this could overflow. Still, I agree that it's better to be safe than sorry, so I pushed an update. Thanks for the feedback!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks! I'll make a couple of quick ckecks later (or tomorrow morning) and in case I can't spot any issue, I'll merge both PRs (thanks for providing a backported version too) 👍
a55f6b3
to
41e3b89
Compare
Apologies for the late feedback: just tested this and it seems to be working as expected 👌 |
A single WebSocket message may contain multiple requests. The code parses one request, then continues looking for more requests in the same WebSocket message. This works fine as long as the last request has no trailing whitespace. However, if there is any trailing whitespace after the last request an attempt to parse it as JSON results in an error.
This PR simply skips any trailing whitespace after each request