Client can crash the server

Question

Client can crash the server

robbi5 opened this issue 14 years ago · comments

The client can simply crash the server when it sends a message to the /meta/onMessage channel.
pushIt.sendMessage({"channel": "/meta/onMessage"});

Bug is in push-it-proto.js, line 50 (https://github.com/aaronblohowiak/Push-It/blob/827c704/server/etc/push-it-proto.js#L50). There should be a check for allowed methods like connect and subscribe.

Aaron Blohowiak · Answer 1 · Wed Jan 05 2011 02:08:17 GMT+0800 (China Standard Time)

Good catch, I will add a test and a fix later tonight.

Aaron Blohowiak · Answer 2 · Thu Jan 06 2011 18:33:20 GMT+0800 (China Standard Time)

cff45b2 Adds test & fix.

robbi5 · Answer 3 · Thu Jan 06 2011 18:47:13 GMT+0800 (China Standard Time)

Sorry, but this doesn't fix the Crash. Clients can still call pushIt.sendMessage({"channel": "/meta/onMessage"}); and the server crashes, because it is stuck in an endless loop of calling onMessage (which calls onMessage on line 52). I think you should use a blacklist for channel-names here. I can provide a testpage for this, if you want.

Aaron Blohowiak · Answer 4 · Thu Jan 06 2011 19:16:12 GMT+0800 (China Standard Time)

a98b123

Okay, I whitelisted connect and subscribe as they are the only /meta/ operations going on and the dynamic dispatch code was more confusing. The latest commit should have fixed all of these issues.

Thanks for the feedback.

Aaron

robbi5 · Answer 5 · Thu Jan 06 2011 19:24:57 GMT+0800 (China Standard Time)

Great, thanks for your fast bugfix :)