pegasus/weechat
1
0
Fork 0
mirror of https://github.com/weechat/weechat.git synced 2026-06-12 14:14:48 +02:00
Code Activity
Files
3687ce0f0f9dc8e3d4fc7fe9e4bdc31f14134e79
weechat/tests/unit/plugins/relay
T
History
Sébastien Helleu 3687ce0f0f relay: limit size of received websocket frame and HTTP body to prevent memory exhaustion 
A relay client could announce a huge websocket frame (or HTTP body via
"Content-Length") and dribble its payload, making WeeChat accumulate it
in a buffer that grew without limit, until all memory was exhausted. The
websocket frame path is reachable before authentication with the
"weechat" and "irc" protocols.

The announced websocket frame length and HTTP "Content-Length" are now
bounded by WEBSOCKET_FRAME_MAX_LENGTH and RELAY_HTTP_BODY_MAX_LENGTH: an
oversized websocket frame closes the connection, and an oversized body is
rejected.
2026-06-01 21:56:34 +02:00
..
api
core, plugins: fix typos in comments on functions, use imperative
2026-03-23 20:45:36 +01:00
irc
core, plugins: fix typos in comments on functions, use imperative
2026-03-23 20:45:36 +01:00
test-relay-auth.cpp
relay/irc: fix timing attack on PASS command (GHSA-vhv8-g2r9-cwcc)
2026-05-31 09:16:36 +02:00
test-relay-bar-item.cpp
core, plugins: fix typos in comments on functions, use imperative
2026-03-23 20:45:36 +01:00
test-relay-http.cpp
relay: limit size of received websocket frame and HTTP body to prevent memory exhaustion
2026-06-01 21:56:34 +02:00
test-relay-raw.cpp
core, plugins: fix typos in comments on functions, use imperative
2026-03-23 20:45:36 +01:00
test-relay-remote.cpp
core, plugins: fix typos in comments on functions, use imperative
2026-03-23 20:45:36 +01:00
test-relay-websocket.cpp
relay: limit size of received websocket frame and HTTP body to prevent memory exhaustion
2026-06-01 21:56:34 +02:00