1. Updated to use #define for maximum header size

2. Modified AsyncSocket_Disconnect, to shutdown SD_SEND/SHUT_RD, instead of RDWR/BOTH, because sent data could be lost if a reset was sent 3. Added hardening for http.server packet parsing
2026-01-07 11:03:55 +00:00 · 2019-03-26 22:10:29 -07:00
parent 65ebe45873
commit ed18cb7944
4 changed files with 112 additions and 22 deletions
--- a/microstack/ILibAsyncSocket.c
+++ b/microstack/ILibAsyncSocket.c
@@ -795,11 +795,11 @@ void ILibAsyncSocket_Disconnect(ILibAsyncSocket_SocketModule socketModule)
 		{
 #if defined(_WIN32_WCE) || defined(WIN32)
 #if defined(WINSOCK2)
-			shutdown(s, SD_BOTH);
+			shutdown(s, SD_SEND);
 #endif
 			closesocket(s);
 #elif defined(_POSIX)
-			shutdown(s, SHUT_RDWR);
+			shutdown(s, SHUT_RD);
 			close(s);
 #endif
 		}
--- a/microstack/ILibWebClient.h
+++ b/microstack/ILibWebClient.h
@@ -52,15 +52,16 @@ extern "C" {
 #endif
 #endif

-#define WEBSOCKET_GUID "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"
-#define WEBSOCKET_FIN		0x08000
-#define WEBSOCKET_RSV1		0x04000
-#define WEBSOCKET_RSV2		0x02000
-#define WEBSOCKET_RSV3		0x01000
-#define WEBSOCKET_RSV		0x07000
-#define WEBSOCKET_OPCODE	0x00F00
-#define WEBSOCKET_MASK		0x00080
-#define WEBSOCKET_PLEN		0x0007F
+#define HTTP_MAX_HEADER_SIZE	4096
+#define WEBSOCKET_GUID			"258EAFA5-E914-47DA-95CA-C5AB0DC85B11"
+#define WEBSOCKET_FIN			0x08000
+#define WEBSOCKET_RSV1			0x04000
+#define WEBSOCKET_RSV2			0x02000
+#define WEBSOCKET_RSV3			0x01000
+#define WEBSOCKET_RSV			0x07000
+#define WEBSOCKET_OPCODE		0x00F00
+#define WEBSOCKET_MASK			0x00080
+#define WEBSOCKET_PLEN			0x0007F

 #define WEBSOCKET_MAX_OUTPUT_FRAMESIZE 4096

--- a/microstack/ILibWebServer.c
+++ b/microstack/ILibWebServer.c
@@ -765,7 +765,7 @@ void ILibWebServer_OnReceive(void *AsyncServerSocketModule, void *ConnectionToke
 		switch ((r = ILibWebClient_OnData(ConnectionToken, buffer, p_beginPointer, endPointer, NULL, &(ILibWebServer_Session_GetSystemData(ws)->WebClientDataObject), PAUSE)))
 		{
 			case ILibWebClient_DataResults_OK:
-				if (*p_beginPointer == pbp && (endPointer - pbp >= 4096) && ILibWebClient_IsFinHeader(ILibWebServer_Session_GetSystemData(ws)->WebClientDataObject) == 0)
+				if (*p_beginPointer == pbp && (endPointer - pbp >= HTTP_MAX_HEADER_SIZE) && ILibWebClient_IsFinHeader(ILibWebServer_Session_GetSystemData(ws)->WebClientDataObject) == 0)
 				{
 					// The headers is > 4k
 					ILibWebServer_Session_GetSystemData(ws)->CloseOverrideFlag = 1; // This will force close the socket when done