mirror of
https://github.com/ergochat/ergo.git
synced 2025-01-20 17:14:08 +01:00
mitigate a potential DoS against websocket listeners
Websocket listeners would process an arbitrary number of invalid (non-text or blank) messages without throttling. This imposes fakelag on such messages by treating them as blank lines.
This commit is contained in:
parent
8f490ae298
commit
aad39024b9
@ -124,16 +124,18 @@ func (wc IRCWSConn) WriteLines(buffers [][]byte) (err error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (wc IRCWSConn) ReadLine() (line []byte, err error) {
|
func (wc IRCWSConn) ReadLine() (line []byte, err error) {
|
||||||
for {
|
messageType, line, err := wc.conn.ReadMessage()
|
||||||
var messageType int
|
if err == nil {
|
||||||
messageType, line, err = wc.conn.ReadMessage()
|
if messageType == websocket.TextMessage {
|
||||||
// on empty message or non-text message, try again, block if necessary
|
return line, nil
|
||||||
if err != nil || (messageType == websocket.TextMessage && len(line) != 0) {
|
} else {
|
||||||
if err == websocket.ErrReadLimit {
|
// for purposes of fakelag, treat non-text message as an empty line
|
||||||
err = errReadQ
|
return nil, nil
|
||||||
}
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
} else if err == websocket.ErrReadLimit {
|
||||||
|
return line, errReadQ
|
||||||
|
} else {
|
||||||
|
return line, err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user