#15 - Validate ping frame size limits.

Tratcher · Tratcher · commit 207767a9b087 · 2014-10-22T16:25:22.000-07:00
diff --git a/src/Microsoft.AspNet.WebSockets.Protocol/CommonWebSocket.cs b/src/Microsoft.AspNet.WebSockets.Protocol/CommonWebSocket.cs
@@ -299,6 +299,15 @@ private async Task ReadNextFrameAsync(CancellationToken cancellationToken)
 
             if (_frameInProgress.OpCode == Constants.OpCodes.PingFrame || _frameInProgress.OpCode == Constants.OpCodes.PongFrame)
             {
+                if (_frameBytesRemaining > 125)
+                {
+                    if (State == WebSocketState.Open)
+                    {
+                        await CloseOutputAsync(WebSocketCloseStatus.ProtocolError, "Invalid control frame size", cancellationToken);
+                        Abort();
+                    }
+                    throw new InvalidOperationException("Control frame too large."); // TODO: WebSocketException
+                }
                 // Drain it, should be less than 125 bytes
                 await EnsureDataAvailableOrReadAsync((int)_frameBytesRemaining, cancellationToken);
 
