You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2020/06/30 13:05:02 UTC
[tomcat] branch 9.0.x updated: Correct calculation of payload length when using 4 or more bytes

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
     new d37f128  Correct calculation of payload length when using 4 or more bytes
d37f128 is described below

commit d37f128c3b685dae25f55266d091c402e86257d7
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Mon Jun 29 15:08:25 2020 +0100

    Correct calculation of payload length when using 4 or more bytes
---
 java/org/apache/tomcat/websocket/WsFrameBase.java |  2 +-
 test/org/apache/tomcat/websocket/TestWsFrame.java | 32 ++++++++++++++++-------
 webapps/docs/changelog.xml                        |  4 +++
 3 files changed, 28 insertions(+), 10 deletions(-)

diff --git a/java/org/apache/tomcat/websocket/WsFrameBase.java b/java/org/apache/tomcat/websocket/WsFrameBase.java
index 4afad67..a6df700 100644
--- a/java/org/apache/tomcat/websocket/WsFrameBase.java
+++ b/java/org/apache/tomcat/websocket/WsFrameBase.java
@@ -678,7 +678,7 @@ public abstract class WsFrameBase {
         int shift = 0;
         long result = 0;
         for (int i = start + len - 1; i >= start; i--) {
-            result = result + ((b[i] & 0xFF) << shift);
+            result = result + ((b[i] & 0xFFL) << shift);
             shift += 8;
         }
         return result;
diff --git a/test/org/apache/tomcat/websocket/TestWsFrame.java b/test/org/apache/tomcat/websocket/TestWsFrame.java
index 0b423ad..d6afce0 100644
--- a/test/org/apache/tomcat/websocket/TestWsFrame.java
+++ b/test/org/apache/tomcat/websocket/TestWsFrame.java
@@ -28,10 +28,17 @@ public class TestWsFrame {
         Assert.assertEquals(0L, WsFrameBase.byteArrayToLong(new byte[] { 0 }, 0, 1));
         Assert.assertEquals(1L, WsFrameBase.byteArrayToLong(new byte[] { 1 }, 0, 1));
         Assert.assertEquals(0xFF, WsFrameBase.byteArrayToLong(new byte[] { -1 }, 0, 1));
-        Assert.assertEquals(0xFFFF,
-                WsFrameBase.byteArrayToLong(new byte[] { -1, -1 }, 0, 2));
-        Assert.assertEquals(0xFFFFFF,
-                WsFrameBase.byteArrayToLong(new byte[] { -1, -1, -1 }, 0, 3));
+        Assert.assertEquals(0xFFFF, WsFrameBase.byteArrayToLong(new byte[] { -1, -1 }, 0, 2));
+        Assert.assertEquals(0xFFFFFF, WsFrameBase.byteArrayToLong(new byte[] { -1, -1, -1 }, 0, 3));
+        Assert.assertEquals(0xFFFFFFFFL, WsFrameBase.byteArrayToLong(new byte[] { -1, -1, -1, -1 }, 0, 4));
+        Assert.assertEquals(0xFFFFFFFFFFL, WsFrameBase.byteArrayToLong(new byte[] { -1, -1, -1, -1, -1 }, 0, 5));
+        Assert.assertEquals(0xFFFFFFFFFFFFL, WsFrameBase.byteArrayToLong(new byte[] { -1, -1, -1, -1, -1, -1 }, 0, 6));
+        Assert.assertEquals(0xFFFFFFFFFFFFFFL,
+                WsFrameBase.byteArrayToLong(new byte[] { -1, -1, -1, -1, -1, -1, -1 }, 0, 7));
+        Assert.assertEquals(0x7FFFFFFFFFFFFFFFL,
+                WsFrameBase.byteArrayToLong(new byte[] { 127, -1, -1, -1, -1, -1, -1, -1 }, 0, 8));
+        Assert.assertEquals(-1,
+                WsFrameBase.byteArrayToLong(new byte[] { -1, -1, -1, -1, -1, -1, -1, -1 }, 0, 8));
     }
 
 
@@ -40,10 +47,17 @@ public class TestWsFrame {
         Assert.assertEquals(0L, WsFrameBase.byteArrayToLong(new byte[] { 20, 0 }, 1, 1));
         Assert.assertEquals(1L, WsFrameBase.byteArrayToLong(new byte[] { 20, 1 }, 1, 1));
         Assert.assertEquals(0xFF, WsFrameBase.byteArrayToLong(new byte[] { 20, -1 }, 1, 1));
-        Assert.assertEquals(0xFFFF,
-                WsFrameBase.byteArrayToLong(new byte[] { 20, -1, -1 }, 1, 2));
-        Assert.assertEquals(0xFFFFFF,
-                WsFrameBase.byteArrayToLong(new byte[] { 20, -1, -1, -1 }, 1, 3));
+        Assert.assertEquals(0xFFFF, WsFrameBase.byteArrayToLong(new byte[] { 20, -1, -1 }, 1, 2));
+        Assert.assertEquals(0xFFFFFF, WsFrameBase.byteArrayToLong(new byte[] { 20, -1, -1, -1 }, 1, 3));
+        Assert.assertEquals(0xFFFFFFFFL, WsFrameBase.byteArrayToLong(new byte[] { 20, -1, -1, -1, -1 }, 1, 4));
+        Assert.assertEquals(0xFFFFFFFFFFL, WsFrameBase.byteArrayToLong(new byte[] { 20, -1, -1, -1, -1, -1 }, 1, 5));
+        Assert.assertEquals(0xFFFFFFFFFFFFL,
+                WsFrameBase.byteArrayToLong(new byte[] { 20, -1, -1, -1, -1, -1, -1 }, 1, 6));
+        Assert.assertEquals(0xFFFFFFFFFFFFFFL,
+                WsFrameBase.byteArrayToLong(new byte[] { 20, -1, -1, -1, -1, -1, -1, -1 }, 1, 7));
+        Assert.assertEquals(0x7FFFFFFFFFFFFFFFL,
+                WsFrameBase.byteArrayToLong(new byte[] { 20, 127, -1, -1, -1, -1, -1, -1, -1 }, 1, 8));
+        Assert.assertEquals(-1,
+                WsFrameBase.byteArrayToLong(new byte[] { 20, -1, -1, -1, -1, -1, -1, -1, -1 }, 1, 8));
     }
-
 }
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 1d1a735..4ad694f 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -133,6 +133,10 @@
         <bug>64563</bug>: Add additional validation of payload length for
         WebSocket messages. (markt)
       </fix>
+      <fix>
+        Correct the calculation of payload length when four or more bytes are
+        required to represent the payload length. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Other">


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org