rpms/libsoup3
6
0
Fork 0
Code Issues Pull Requests Releases Activity
35a1d37791
libsoup3/CVE-2025-32049.patch

17 lines
670 B
Diff
Raw Blame History

diff --git a/libsoup/websocket/soup-websocket-connection.c b/libsoup/websocket/soup-websocket-connection.c
index a1448134..48b08b60 100644
--- a/libsoup/websocket/soup-websocket-connection.c
+++ b/libsoup/websocket/soup-websocket-connection.c
@@ -971,6 +971,11 @@ process_contents (SoupWebsocketConnection *self,
switch (priv->message_opcode) {
case 0x01:
case 0x02:
+ /* Safety valve */
+ if (priv->message_data->len + payload_len > priv->max_incoming_payload_size) {
+ too_big_error_and_close (self, (priv->message_data->len + payload_len));
+ return;
+ }
g_byte_array_append (priv->message_data, payload, payload_len);
break;
default:
Reference in New Issue View Git Blame Copy Permalink