Adding back security workarounds in websocket++.

Author: stgates

Release/libs/websocketpp/websocketpp/frame.hpp

@@ -54,19 +54,19 @@ static unsigned int const MAX_EXTENDED_HEADER_LENGTH = 12;
 /// Two byte conversion union
 union uint16_converter {
     uint16_t i;
-    uint8_t  c[2];
+    std::array<uint8_t, 2> c;
 };
 
 /// Four byte conversion union
 union uint32_converter {
     uint32_t i;
-    uint8_t c[4];
+    std::array<uint8_t, 4> c;
 };
 
 /// Eight byte conversion union
 union uint64_converter {
     uint64_t i;
-    uint8_t  c[8];
+    std::array<uint8_t, 8> c;
 };
 
 /// Constants and utility functions related to WebSocket opcodes
@@ -234,28 +234,28 @@ struct basic_header {
 /// The variable size component of a WebSocket frame header
 struct extended_header {
     extended_header() {
-        std::fill_n(this->bytes,MAX_EXTENDED_HEADER_LENGTH,0x00);
+        std::fill_n(this->bytes.begin(), MAX_EXTENDED_HEADER_LENGTH, 0x00);
     }
 
     extended_header(uint64_t payload_size) {
-        std::fill_n(this->bytes,MAX_EXTENDED_HEADER_LENGTH,0x00);
+        std::fill_n(this->bytes.begin(), MAX_EXTENDED_HEADER_LENGTH, 0x00);
 
         copy_payload(payload_size);
     }
 
     extended_header(uint64_t payload_size, uint32_t masking_key) {
-        std::fill_n(this->bytes,MAX_EXTENDED_HEADER_LENGTH,0x00);
+        std::fill_n(this->bytes.begin(), MAX_EXTENDED_HEADER_LENGTH, 0x00);
 
         // Copy payload size
         int offset = copy_payload(payload_size);
 
         // Copy Masking Key
         uint32_converter temp32;
         temp32.i = masking_key;
-        std::copy(temp32.c,temp32.c+4,bytes+offset);
+        std::copy(temp32.c.begin(), temp32.c.end(), bytes.begin() + offset);
     }
 
-    uint8_t bytes[MAX_EXTENDED_HEADER_LENGTH];
+    std::array<uint8_t, MAX_EXTENDED_HEADER_LENGTH> bytes;
 private:
     int copy_payload(uint64_t payload_size) {
         int payload_offset = 0;
@@ -268,7 +268,7 @@ struct extended_header {
 
         uint64_converter temp64;
         temp64.i = lib::net::_htonll(payload_size);
-        std::copy(temp64.c+payload_offset,temp64.c+8,bytes);
+        std::copy(temp64.c.begin() + payload_offset, temp64.c.begin() + 8, bytes.begin());
 
         return 8-payload_offset;
     }
@@ -494,7 +494,7 @@ inline std::string prepare_header(const basic_header &h, const
     ret.push_back(char(h.b0));
     ret.push_back(char(h.b1));
     ret.append(
-        reinterpret_cast<const char*>(e.bytes),
+        reinterpret_cast<const char*>(&*e.bytes.begin()),
         get_header_len(h)-BASIC_HEADER_LENGTH
     );
 
@@ -522,7 +522,8 @@ inline masking_key_type get_masking_key(const basic_header &h, const
         temp32.i = 0;
     } else {
         unsigned int offset = get_masking_key_offset(h);
-        std::copy(e.bytes+offset,e.bytes+offset+4,temp32.c);
+        auto ptr = e.bytes.begin() + offset;
+        std::copy(ptr, ptr + 4, temp32.c.begin());
     }
 
     return temp32;
@@ -539,7 +540,7 @@ inline masking_key_type get_masking_key(const basic_header &h, const
  */
 inline uint16_t get_extended_size(const extended_header &e) {
     uint16_converter temp16;
-    std::copy(e.bytes,e.bytes+2,temp16.c);
+    std::copy(e.bytes.begin() , e.bytes.begin() + 2, temp16.c.begin());
     return ntohs(temp16.i);
 }
 
@@ -554,7 +555,7 @@ inline uint16_t get_extended_size(const extended_header &e) {
  */
 inline uint64_t get_jumbo_size(const extended_header &e) {
     uint64_converter temp64;
-    std::copy(e.bytes,e.bytes+8,temp64.c);
+    std::copy(e.bytes.begin(), e.bytes.begin() + 8, temp64.c.begin());
     return lib::net::_ntohll(temp64.i);
 }
 

Release/libs/websocketpp/websocketpp/processors/hybi00.hpp

@@ -98,7 +98,7 @@ class hybi00 : public processor<config> {
     lib::error_code process_handshake(request_type const & req,
         std::string const & subprotocol, response_type & res) const
     {
-        char key_final[16];
+        std::array<char, 16> key_final;
 
         // copy key1 into final key
         decode_client_key(req.get_header("Sec-WebSocket-Key1"), &key_final[0]);
@@ -112,13 +112,13 @@ class hybi00 : public processor<config> {
         // TODO: decide if it is best to silently fail here or produce some sort
         //       of warning or exception.
         std::string const & key3 = req.get_header("Sec-WebSocket-Key3");
-        std::copy(key3.c_str(),
-                  key3.c_str()+(std::min)(static_cast<size_t>(8), key3.size()),
-                  &key_final[8]);
+        std::copy(key3.begin(),
+                  key3.begin() + std::min(size_t(8), key3.size()),
+                  key_final.begin() + 8);
 
         res.append_header(
             "Sec-WebSocket-Key3",
-            md5::md5_hash_string(std::string(key_final,16))
+            md5::md5_hash_string(std::string(key_final.begin(), key_final.end()))
         );
 
         res.append_header("Upgrade","WebSocket");
@@ -415,9 +415,11 @@ class hybi00 : public processor<config> {
         num = static_cast<uint32_t>(strtoul(digits.c_str(), NULL, 10));
         if (spaces > 0 && num > 0) {
             num = htonl(num/spaces);
-            std::copy(reinterpret_cast<char*>(&num),
-                      reinterpret_cast<char*>(&num)+4,
-                      result);
+#ifdef _MS_WINDOWS
+            memcpy_s(result, 4, reinterpret_cast<char*>(&num), 4);
+#else
+            memcpy(result, reinterpret_cast<char*>(&num), 4);
+#endif
         } else {
             std::fill(result,result+4,0);
         }

Release/libs/websocketpp/websocketpp/processors/hybi13.hpp

@@ -214,14 +214,14 @@ class hybi13 : public processor<config> {
 
         // Generate handshake key
         frame::uint32_converter conv;
-        unsigned char raw_key[16];
+        std::array<unsigned char, 16> raw_key;
 
         for (int i = 0; i < 4; i++) {
             conv.i = m_rng();
-            std::copy(conv.c,conv.c+4,&raw_key[i*4]);
+            std::copy(conv.c.begin(), conv.c.begin() + 4, raw_key.begin() + i * 4);
         }
 
-        req.replace_header("Sec-WebSocket-Key",base64_encode(raw_key, 16));
+        req.replace_header("Sec-WebSocket-Key",base64_encode(&raw_key[0], 16));
 
         return lib::error_code();
     }
@@ -461,9 +461,9 @@ class hybi13 : public processor<config> {
         m_basic_header.b0 = 0x00;
         m_basic_header.b1 = 0x00;
 
-        std::fill_n(
-            m_extended_header.bytes,
-            frame::MAX_EXTENDED_HEADER_LENGTH,
+        std::fill(
+            m_extended_header.bytes.begin(),
+            m_extended_header.bytes.end(),
             0x00
         );
     }
@@ -686,7 +686,7 @@ class hybi13 : public processor<config> {
     size_t copy_extended_header_bytes(uint8_t const * buf, size_t len) {
         size_t bytes_to_read = (std::min)(m_bytes_needed,len);
 
-        std::copy(buf,buf+bytes_to_read,m_extended_header.bytes+m_cursor);
+        std::copy(buf, buf + bytes_to_read, m_extended_header.bytes.begin() + m_cursor);
         m_cursor += bytes_to_read;
         m_bytes_needed -= bytes_to_read;