From cb4c4eb544eff697d7496c328e8be6970b64ac46 Mon Sep 17 00:00:00 2001
From: Kris Moore <kris@pcbsd.org>
Date: Fri, 11 Mar 2016 08:08:51 -0500
Subject: [PATCH] Change how we parse incoming WebSocket TCP/SSL data. Its
 possible that data coming in will be mixed with several messages at once,
 lets parse those properly, and also implement some sanity checking to make
 sure we aren't being flooded with a potential buffer overflow

---
 src/server/WebSocket.cpp | 43 ++++++++++++++++++++++++++++++++++------
 src/server/WebSocket.h   |  4 ++++
 2 files changed, 41 insertions(+), 6 deletions(-)

diff --git a/src/server/WebSocket.cpp b/src/server/WebSocket.cpp
index 4a25955..753aee7 100644
--- a/src/server/WebSocket.cpp
+++ b/src/server/WebSocket.cpp
@@ -361,16 +361,47 @@ void WebSocket::EvaluateMessage(const QString &msg){
   //qDebug() << " - Done with Text Message";
 }
 
+void WebSocket::ParseIncoming(){
+  bool found = false;
+
+  // Check if we have a complete JSON request waiting to be parsed
+  QString JsonRequest;
+  for ( int i = 0; i<incomingbuffer.size(); i++) {
+    JsonRequest = incomingbuffer;
+    JsonRequest.truncate(i);
+    if ( !QJsonDocument::fromBinaryData(JsonRequest.toLocal8Bit()).isNull() )
+    {
+      // We have what looks like a valid JSON request, lets parse it now
+      //qDebug() << "TCP Message" << JsonRequest;
+      EvaluateREST(JsonRequest);
+      incomingbuffer.remove(0, i);
+      found = true;
+      break;
+    }
+  }
+
+  // If the buffer is larger than 128000 chars and no valid JSON somebody
+  // is screwing with us, lets clear the buffer
+  if ( ! found && incomingbuffer.size() > 128000 ) {
+    incomingbuffer="";
+    return;
+  }
+
+  // If we found a valid JSON request, but still have data, check for
+  // a second request waiting in the buffer
+  if ( found && incomingbuffer.size() > 2 )
+    ParseIncoming();
+}
+
 void WebSocket::EvaluateTcpMessage(){
   //Need to read the data from the Tcp socket and turn it into a string
   //qDebug() << "New TCP Message:";
   if(idletimer->isActive()){ idletimer->stop(); }
-  QString msg = QString(TSOCKET->readAll());
-  for(int i=0; i<5 && !msg.endsWith("}"); i++){
-    usleep(10000); //10ms
-    msg.append( QString(TSOCKET->readAll()) );
-  }
-  EvaluateREST(msg );
+  incomingbuffer.append(QString(TSOCKET->read(128000)));
+
+  // Check for JSON in this incoming data
+  ParseIncoming();
+
   idletimer->start(); 
   //qDebug() << " - Done with TCP Message";	
 }
diff --git a/src/server/WebSocket.h b/src/server/WebSocket.h
index 6d8d173..46164cd 100644
--- a/src/server/WebSocket.h
+++ b/src/server/WebSocket.h
@@ -29,6 +29,10 @@ private:
 	QList<EventWatcher::EVENT_TYPE> ForwardEvents;
 	void sendReply(QString msg);
 
+	// Where we store incoming Tcp data
+	QString incomingbuffer;
+	void ParseIncoming();
+
 	//Main connection comminucations procedure
 	void EvaluateREST(QString); //Text -> Rest/JSON struct
 	void EvaluateRequest(const RestInputStruct&); // Parse Rest/JSON (does auth/events)