Thanks to Fabrice Gilot for reporting the problem that led to uncovering this.
Due to a misunderstanding of the return value of snprintf (it is not truncated according
to the max size passed in) in several places relying on snprintf to truncate the length
overflows are possible.
This patch wraps snprintf with a new lws_snprintf() which does truncate its length to allow
the buffer limiting scheme to work properly.
All users should update with these fixes.
https://github.com/warmcat/libwebsockets/issues/526
On master, cleanups and refactor mean the last two problems already
don't exist (array is gone from main.c and http.c is deleted)
Signed-off-by: Andy Green <andy@warmcat.com>
https://github.com/warmcat/libwebsockets/issues/489
This
1) fixes the vhost changes on master
2) works around the ah pool changes
3) fixes some other build problems that appeared
4) hacks out physical flow control for internal streams
5) updates the advertised protocol to h2 needed by, eg, chrome 51
That gets it able to serve small (<4K, ie, one packet) files over http2
Signed-off-by: Andy Green <andy@warmcat.com>
This adds support for dynamically loaded plugins at runtime, which
can expose their own protocols or extensions transparently.
With these changes lwsws defaults to OFF in cmake, and if enabled it
automatically enables plugins and libuv support.
Signed-off-by: Andy Green <andy@warmcat.com>
