Files · c68b4134627e6aad952787c5bcbe32cb69341bd5 · nexlab / wsssh

Add comprehensive bounds checking to WebSocket message parsing in wsssht.c · c68b4134

Stefy Lanza (nextime / spora ) authored Sep 20, 2025

- Prevent heap corruption from malformed JSON messages
- Add bounds validation for all string operations in message parsing
- Ensure all pointers stay within payload buffer limits
- Validate data field lengths to prevent excessive memory allocation
- Protect against buffer overflows in tunnel_data, tunnel_close, tunnel_keepalive, tunnel_ack, and tunnel_ko message parsing
- Add debug logging for malformed messages to aid troubleshooting

c68b4134

Name	Last commit	Last update
templates		Loading commit data...
wsssd		Loading commit data...
wsssh-server/debian		Loading commit data...
wssshd2		Loading commit data...
wssshtools		Loading commit data...
.gitignore		Loading commit data...
BRIDGE_MODE_TESTING.md		Loading commit data...
CHANGELOG.md		Loading commit data...
DOCUMENTATION.md		Loading commit data...
LICENSE.md		Loading commit data...
README.md		Loading commit data...
TODO.md		Loading commit data...
build.sh		Loading commit data...
clean.sh		Loading commit data...
image.jpg		Loading commit data...
prompt.txt		Loading commit data...
requirements.txt		Loading commit data...
service.conf.example		Loading commit data...
test_bridge_mode.sh		Loading commit data...
wssshc.conf.example		Loading commit data...
wssshc.init		Loading commit data...
wssshc_watcher.sh		Loading commit data...
wssshd.conf.example		Loading commit data...
wssshd.init		Loading commit data...
wssshd.py		Loading commit data...
wsssht.conf.example		Loading commit data...
wsssht.init		Loading commit data...

README.md