undertow/CVE-2021-3690.patch
starlet-dx 0c005d4ec2 Fix CVE-2021-3690,CVE-2023-1973 and CVE-2023-5379
(cherry picked from commit 12843fdbc2e6ec08db7d5624ae9b31bd04a29629)
2024-11-05 20:42:27 +08:00


From abbaa6e883e6b4d082f13347e0f8e332097f9554 Mon Sep 17 00:00:00 2001
From: Andrey Marinchuk <radist.nt@gmail.com>
Date: Sat, 31 Jul 2021 00:26:57 +0300
Subject: [PATCH] [UNDERTOW-1935] - buffer leak on incoming websocket PONG
message
Origin:
https://github.com/undertow-io/undertow/commit/97482a5d4114001d45f9b07f1d2893749cdcba8b
---
.../src/main/java/io/undertow/websockets/jsr/FrameHandler.java | 2 ++
1 file changed, 2 insertions(+)
diff --git a/websockets-jsr/src/main/java/io/undertow/websockets/jsr/FrameHandler.java b/websockets-jsr/src/main/java/io/undertow/websockets/jsr/FrameHandler.java
index 12ae5bb38c..a93822587d 100644
--- a/websockets-jsr/src/main/java/io/undertow/websockets/jsr/FrameHandler.java
+++ b/websockets-jsr/src/main/java/io/undertow/websockets/jsr/FrameHandler.java
@@ -152,6 +152,8 @@ public void run() {
}
}
});
+ } else {
+ bufferedBinaryMessage.getData().free();
}
}
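Review bot: The added `else` branch at the end of the hunk frees the message buffer without a comment, and the ownership rule it enforces is not stated anywhere in the hunk; I would add `// No handler will consume this PONG, so release the pooled buffer here or it leaks once per frame` above the `free()` call. That wording assumes the `if` this `else` pairs with, which starts above the hunk, tests for a registered PONG handler; adjust it if the condition is something else. Since PONG frames arrive at the peer's discretion, a missed release on this path is a memory-exhaustion risk rather than a cosmetic leak, which is why the rule deserves to be written down. The hunk also does not show whether the buffer is released when the `run()` task submitted in the other branch is never executed, so that path is worth confirming. The change ships without a regression test; one that delivers a PONG to an endpoint with no PONG handler and checks the buffer is returned to the pool would pin the fix.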