From e8c498532222a29b6acb69c576a060218b618e4c Mon Sep 17 00:00:00 2001 From: Chris Ross Date: Thu, 23 Oct 2014 08:24:19 -0700 Subject: [PATCH] Verify contination frames. --- .../CommonWebSocket.cs | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/src/Microsoft.AspNet.WebSockets.Protocol/CommonWebSocket.cs b/src/Microsoft.AspNet.WebSockets.Protocol/CommonWebSocket.cs index ba76cc74d0..41219be884 100644 --- a/src/Microsoft.AspNet.WebSockets.Protocol/CommonWebSocket.cs +++ b/src/Microsoft.AspNet.WebSockets.Protocol/CommonWebSocket.cs @@ -215,8 +215,14 @@ namespace Microsoft.AspNet.WebSockets.Protocol await ReadNextFrameAsync(cancellationToken); } - // Handle fragmentation, remember the first frame type int opCode = _frameInProgress.OpCode; + + if (opCode == Constants.OpCodes.CloseFrame) + { + return await ProcessCloseFrameAsync(cancellationToken); + } + + // Handle fragmentation, remember the first frame type if (opCode == Constants.OpCodes.ContinuationFrame) { if (!_firstDataOpCode.HasValue) @@ -230,11 +236,6 @@ namespace Microsoft.AspNet.WebSockets.Protocol _firstDataOpCode = opCode; } - if (opCode == Constants.OpCodes.CloseFrame) - { - return await ProcessCloseFrameAsync(cancellationToken); - } - // Make sure there's at least some data in the buffer int bytesToBuffer = (int)Math.Min((long)_receiveBuffer.Length, _frameBytesRemaining); await EnsureDataAvailableOrReadAsync(bytesToBuffer, cancellationToken); @@ -329,6 +330,11 @@ namespace Microsoft.AspNet.WebSockets.Protocol _frameInProgress = null; } } + else if (_firstDataOpCode.HasValue && _frameInProgress.OpCode != Constants.OpCodes.ContinuationFrame) + { + // A data frame is already in progress, but this new frame is not a continuation frame. + await SendErrorAbortAndThrow(WebSocketCloseStatus.ProtocolError, "Expected a continuation frame: " + _frameInProgress.OpCode, cancellationToken); + } } private async Task EnsureDataAvailableOrReadAsync(int bytesNeeded, CancellationToken cancellationToken)