Affected versions of uws do not properly handle large websocket messages when permessage-deflate is enabled, which may result in a denial of service condition.

If uws receives a 256Mb websocket message when permessage-deflate is enabled, the server will compress the message prior to executing the length check, and subsequently extract the message prior to processing. This can result in a situation where an excessively large websocket message passes the length checks, yet still gets cast from a Buffer to a string, which will exceed v8's maximum string size and crash the process.
Recommendation
Update to version 0.10.9 or later.
Alternatively, disable permessage-deflate.