From 7404b81ad9fa9ef53d1c0ca413eb9293e3664050 Mon Sep 17 00:00:00 2001 From: 94xhn <87560781+94xhn@users.noreply.github.com> Date: Tue, 14 Jul 2026 08:39:54 +0800 Subject: [PATCH] Enforce RFC 6455 handshake key requirements Reject keys that are not the 24-character padded Base64 form or do not decode to exactly 16 bytes before generating the accept response. Tested: CMake/Ninja build; handshake response regression harness --- src/handshake.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/src/handshake.c b/src/handshake.c index 57036c2..123a750 100644 --- a/src/handshake.c +++ b/src/handshake.c @@ -47,14 +47,27 @@ */ int get_handshake_accept(char *wsKey, unsigned char **dest) { + unsigned char *decoded; /* Decoded WebSocket key. */ unsigned char hash[SHA1HashSize]; /* SHA-1 Hash. */ SHA1Context ctx; /* SHA-1 Context. */ char *str; /* WebSocket key + magic string. */ + size_t decoded_len; /* Decoded key length. */ /* Invalid key. */ - if (!wsKey) + if (!wsKey || strlen(wsKey) != WS_KEY_LEN || + wsKey[WS_KEY_LEN - 2] != '=' || + wsKey[WS_KEY_LEN - 1] != '=') return (-1); + decoded = base64_decode((const unsigned char *)wsKey, WS_KEY_LEN, + &decoded_len); + if (!decoded || decoded_len != 16) + { + free(decoded); + return (-1); + } + free(decoded); + str = calloc(1, sizeof(char) * (WS_KEY_LEN + WS_MS_LEN + 1)); if (!str) return (-1);