Diffstat (limited to 'src/zenhttp/servers/wsframecodec.cpp')
| -rw-r--r-- | src/zenhttp/servers/wsframecodec.cpp | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/zenhttp/servers/wsframecodec.cpp b/src/zenhttp/servers/wsframecodec.cpp
index a4c5e0f16..e452141fe 100644
--- a/src/zenhttp/servers/wsframecodec.cpp
+++ b/src/zenhttp/servers/wsframecodec.cpp
@@ -51,6 +51,13 @@ WsFrameCodec::TryParseFrame(const uint8_t* Data, size_t Size)
 HeaderSize = 10;
 }
+ // Reject frames with unreasonable payload sizes to prevent OOM
+ static constexpr uint64_t kMaxPayloadSize = 256 * 1024 * 1024; // 256 MB
+ if (PayloadLen > kMaxPayloadSize)
+ {
+ return {};
+ }
+
 const size_t MaskSize = Masked ? 4 : 0;
 const size_t TotalFrame = HeaderSize + MaskSize + PayloadLen; |
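Review bot: The `return {};` in the new size check looks indistinguishable from the "not enough data yet" result, so an oversized frame may not actually be rejected. If an empty result is also what TryParseFrame returns for a partial frame (the rest of the function is outside this hunk, so this is inferred), the caller will keep the connection open and keep buffering incoming bytes, which is the memory growth the check is meant to stop. Consider returning a distinct error state so the caller closes the connection with status 1009 (Message Too Big), and document it at the check, e.g. `// Oversized frame: caller must close (RFC 6455 status 1009), not wait for more data`. The 256 MB limit is also applied per frame, so confirm that reassembly of fragmented messages and the per-connection receive buffer are bounded separately.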