diff --git a/src/websocket_frame.cpp b/src/websocket_frame.cpp index 1ceb2da85d..cf854dc2ad 100644 --- a/src/websocket_frame.cpp +++ b/src/websocket_frame.cpp @@ -26,7 +26,9 @@ */ #include "websocket_frame.hpp" + #include "websocket_server.hpp" +#include "utf8_validator/utf8_validator.hpp" #include #include @@ -250,7 +252,9 @@ void frame::set_status(uint16_t status,const std::string message) { char val[2]; *reinterpret_cast(&val[0]) = htons(status); - + + m_header[1] = message.size()+2; + m_payload[0] = val[0]; m_payload[1] = val[1]; @@ -334,7 +338,6 @@ void frame::process_extended_header() { } void frame::process_payload() { - // unmask payload one byte at a time for (uint64_t i = 0; i < m_payload.size(); i++) { m_payload[i] = (m_payload[i] ^ m_masking_key[i%4]); } @@ -367,6 +370,20 @@ void frame::process_payload2() { } } +bool frame::validate_utf8(uint32_t* state,uint32_t* codep) const { + for (size_t i = 0; i < m_payload.size(); i++) { + using utf8_validator::decode; + + //std::cout << "decoding: " << std::hex << m_payload[i] << std::endl; + if (decode(state,codep,m_payload[i]) == utf8_validator::UTF8_REJECT) { + // std::cout << "bad byte" << std::endl; + return false; + } + } + + return true; +} + bool frame::validate_basic_header() const { // check for control frame size if (get_basic_size() > BASIC_PAYLOAD_LIMIT && is_control()) { @@ -412,4 +429,4 @@ void frame::clear_masking_key() { m_masking_key[1] = 0; m_masking_key[2] = 0; m_masking_key[3] = 0; -} \ No newline at end of file +} diff --git a/src/websocket_frame.hpp b/src/websocket_frame.hpp index 101f266be4..e1cf16177b 100644 --- a/src/websocket_frame.hpp +++ b/src/websocket_frame.hpp @@ -127,6 +127,7 @@ public: void process_payload(); void process_payload2(); // experiment with more efficient masking code. + bool validate_utf8(uint32_t* state,uint32_t* codep) const; bool validate_basic_header() const; void generate_masking_key(); @@ -142,4 +143,4 @@ private: } -#endif // WEBSOCKET_FRAME_HPP \ No newline at end of file +#endif // WEBSOCKET_FRAME_HPP