Bjørn Lie
5b8cb29a58
(boo#1233285 CVE-2024-52530 glgo#GNOME/libsoup#377). - Add libsoup-CVE-2024-52532.patch: websocket: Process the frame as soon as we read data (boo#1233287 CVE-2024-52532). - Add 29b96fab.patch: websocket-test: disconnect error copy after the test ends (glgo#GNOME/libsoup#391). - Add a35222dd.patch: be more robust against invalid input when parsing params (boo#1233292 CVE-2024-52531 glgo#GNOME/libsoup!407). OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/libsoup2?expand=0&rev=13
35 lines
1.0 KiB
Diff
35 lines
1.0 KiB
Diff
From f84fc43fe62e25ca807975fa758f2e3d7737db4f Mon Sep 17 00:00:00 2001
|
|
From: Mike Gorse <mgorse@suse.com>
|
|
Date: Tue, 12 Nov 2024 17:20:25 -0600
|
|
Subject: [PATCH] websocket: process the frame as soon as we read data
|
|
|
|
Otherwise we can enter in a read loop because we were not
|
|
validating the data until the all the data was read.
|
|
|
|
Fixes #391
|
|
|
|
Backport of https://gitlab.gnome.org/GNOME/libsoup/-/commit/6adc0e3e.patch
|
|
---
|
|
libsoup/soup-websocket-connection.c | 4 ++--
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/libsoup/soup-websocket-connection.c b/libsoup/soup-websocket-connection.c
|
|
index 6d136d41..2db34d3c 100644
|
|
--- a/libsoup/soup-websocket-connection.c
|
|
+++ b/libsoup/soup-websocket-connection.c
|
|
@@ -1155,9 +1155,9 @@ soup_websocket_connection_read (SoupWebsocketConnection *self)
|
|
}
|
|
|
|
pv->incoming->len = len + count;
|
|
- } while (count > 0);
|
|
|
|
- process_incoming (self);
|
|
+ process_incoming (self);
|
|
+ } while (count > 0 && !pv->close_sent && !pv->io_closing);
|
|
|
|
if (end) {
|
|
if (!pv->close_sent || !pv->close_received) {
|
|
--
|
|
2.47.0
|
|
|