espressif/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2026-04-27 19:13:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(transport_ws): reject reserved opcodes per RFC 6455

Browse Source
This commit is contained in:
surengab
2026-02-18 15:24:44 +04:00
committed by Euripedes Rocha
parent 74afee2afc
commit a0c18b68de
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
components/tcp_transport/transport_ws.c
+8
View File
@@ -563,6 +563,14 @@ static int ws_read_header(esp_transport_handle_t t, char *buffer, int len, int t
ESP_LOGE(TAG, "Non-zero RSV bits detected (rsv=0x%02X) - protocol violation, no extensions negotiated", rsv); ESP_LOGE(TAG, "Non-zero RSV bits detected (rsv=0x%02X) - protocol violation, no extensions negotiated", rsv);
return -1; return -1;
} }
// RFC 6455 Section 5.2: Validate opcode (only 0x0-0x2 for data, 0x8-0xA for control are defined)
if ((ws->frame_state.opcode >= 0x3 && ws->frame_state.opcode <= 0x7) ||
(ws->frame_state.opcode >= 0xB && ws->frame_state.opcode <= 0xF)) {
ESP_LOGE(TAG, "Reserved opcode detected (opcode=0x%02X) - protocol violation", ws->frame_state.opcode);
return -1;
}
if (payload_len == 126) { if (payload_len == 126) {
// headerLen += 2; // headerLen += 2;
if ((rlen = esp_transport_read_exact_size(ws, data_ptr, header, timeout_ms)) <= 0) { if ((rlen = esp_transport_read_exact_size(ws, data_ptr, header, timeout_ms)) <= 0) {