adds limit to network read buffer (to prevent DoS attacks), refactors client handshake reading to leave non-handshake data in the read buffer

2026-04-29 15:37:57 +00:00 · 2011-10-04 08:14:04 -05:00
parent 5f74e055b2
commit 37d5f968d0
8 changed files with 53 additions and 50 deletions
--- a/src/websocket_server.cpp
+++ b/src/websocket_server.cpp
@@ -138,9 +138,11 @@ void server::access_log(std::string msg,uint16_t level) {
 }

 void server::start_accept() {
+	// TODO: sanity check whether the session buffer size bound could be reduced
 	server_session_ptr new_session(new server_session(shared_from_this(),
 	                                                  m_io_service,
-	                                                  m_def_con_handler));
+	                                                  m_def_con_handler,
+													  m_max_message_size*2));
 	
 	m_acceptor.async_accept(
 		new_session->socket(),