backend/gateway: block comically large string payloads
This commit is contained in:
parent
fec30b7ec9
commit
538717cfc9
2 changed files with 7 additions and 1 deletions
|
@ -14,4 +14,5 @@ export const gatewayErrors = {
|
||||||
NO_PING: { code: 4004, message: "No ping" },
|
NO_PING: { code: 4004, message: "No ping" },
|
||||||
FLOODING: { code: 4005, message: "Flooding (exceeded maximum messages per batch)" },
|
FLOODING: { code: 4005, message: "Flooding (exceeded maximum messages per batch)" },
|
||||||
ALREADY_AUTHENTICATED: { code: 4006, message: "Already authenticated" },
|
ALREADY_AUTHENTICATED: { code: 4006, message: "Already authenticated" },
|
||||||
|
PAYLOAD_TOO_LARGE: { code: 4007, message: "Payload too large" },
|
||||||
};
|
};
|
||||||
|
|
|
@ -170,8 +170,13 @@ export default function(server: Server) {
|
||||||
if (ws.state.messagesSinceLastCheck > MAX_CLIENT_MESSAGES_PER_BATCH) {
|
if (ws.state.messagesSinceLastCheck > MAX_CLIENT_MESSAGES_PER_BATCH) {
|
||||||
return closeWithError(ws, gatewayErrors.FLOODING);
|
return closeWithError(ws, gatewayErrors.FLOODING);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const stringData = rawData.toString();
|
||||||
|
if (stringData.length > 2048) {
|
||||||
|
return closeWithError(ws, gatewayErrors.PAYLOAD_TOO_LARGE);
|
||||||
|
}
|
||||||
|
|
||||||
const payload = ensureFormattedGatewayPayload(parseJsonOrNull(rawData.toString()));
|
const payload = ensureFormattedGatewayPayload(parseJsonOrNull(stringData));
|
||||||
if (!payload) {
|
if (!payload) {
|
||||||
return closeWithBadPayload(ws, "Invalid JSON or message does not match schema");
|
return closeWithBadPayload(ws, "Invalid JSON or message does not match schema");
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue