57524 – Opcode and other fields calculated wrong in mod_lua websockets

Bug 57524 - Opcode and other fields calculated wrong in mod_lua websockets

Summary: Opcode and other fields calculated wrong in mod_lua websockets

Status:	RESOLVED FIXED

Alias:	None

Product:	Apache httpd-2
Classification:	Unclassified
Component:	mod_lua (show other bugs)
Version:	2.5-HEAD
Hardware:	PC Linux

Importance:	P2 normal (vote)
Target Milestone:	---
Assignee:	Apache HTTPD Bugs Mailing List

URL:
Keywords:	PatchAvailable

Depends on:
Blocks:

Reported:	2015-02-02 18:35 UTC by Edward Lu
Modified:	2015-06-29 19:42 UTC (History)
CC List:	0 users

Attachments
Fix bit finagling in lua_websocket_read() (1.77 KB, patch) 2015-02-02 18:35 UTC, Edward Lu	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Edward Lu 2015-02-02 18:35:17 UTC

Created attachment 32425 [details]
Fix bit finagling in lua_websocket_read()

The finagling of bits in mod_lua's lua_websocket_read() seems to be a bit off. The size of char is assumed to be 8 bits, and char is assumed to be unsigned. When these two assumptions aren't met, bad things happen; in the worst case, I got the wrong opcode and payload length because of sign extending.

The attached patch corrects the bit operations. As a bonus, it also comments another (unrelated) assumption the implementation makes - something to be fixed later.

Comment 1 Christophe JAILLET 2015-06-27 07:43:21 UTC

Another patch has been applied to trunk (r1657261) and backported to 2.4.x (r1664118). It is now part of the (unreleased) 2.4.13.

Looking different from your proposal, could you please check if it solves your issue?

Comment 2 Edward Lu 2015-06-29 19:42:53 UTC

Looks like this specific problem was fixed in r1657256 in trunk and r1664117 in 2.4.x. Closing the bug report.