_handshakeSignature() throwing "TypeError: value is out of bounds" error

Question

_handshakeSignature() throwing "TypeError: value is out of bounds" error

Closed this issue 9 years ago · 3 comments

Starting around Aug 24, our servers are crashing several times per day with the following stack trace:

TypeError: value is out of bounds
  at TypeError (<anonymous>)
  at checkInt (buffer.js:705:11)
  at Buffer.writeUInt32BE (buffer.js:748:5)
  at instance._handshakeSignature (/Users/josh/app/node_modules/sockjs/node_modules/faye-websocket/node_modules/websocket-driver/lib/websocket/driver/draft76.js:70:12)
  at instance._sendHandshakeBody (/Users/josh/app/node_modules/sockjs/node_modules/faye-websocket/node_modules/websocket-driver/lib/websocket/driver/draft76.js:79:26)
  at null.<anonymous> (/Users/josh/app/node_modules/sockjs/node_modules/faye-websocket/node_modules/websocket-driver/lib/websocket/driver/draft75.js:37:16)
  at StreamReader.eachByte (/Users/josh/app/node_modules/sockjs/node_modules/faye-websocket/node_modules/websocket-driver/lib/websocket/driver/stream_reader.js:60:16)
  at instance.parse (/Users/josh/app/node_modules/sockjs/node_modules/faye-websocket/node_modules/websocket-driver/lib/websocket/driver/draft75.js:31:18)
  at IO.write (/Users/josh/app/node_modules/sockjs/node_modules/faye-websocket/node_modules/websocket-driver/lib/websocket/streams.js:80:16)
  at Socket.ondata (stream.js:51:26)

It also sometimes crashes at line 69 of draft76.js instead of line 70:

var headers = this._request.headers,
    key1    = headers['sec-websocket-key1'],
    value1  = numberFromKey(key1) / spacesInKey(key1),
    key2    = headers['sec-websocket-key2'],
    value2  = numberFromKey(key2) / spacesInKey(key2),
    md5     = crypto.createHash('md5'),
    buffer  = new Buffer(8 + this.BODY_SIZE);

buffer.writeUInt32BE(value1, 0);  // <-- (line 69): sometimes it crashes here
buffer.writeUInt32BE(value2, 4);  // <-- (line 70): other times it crashes here

So it looks like the values of the Sec-Websocket-Key1 and Sec-Websocket-Key2 headers are occasionally throwing off faye-websocket.

It's unclear why this started happening only a week ago as we didn't change anything on our end at that point. We're still using Node v0.10.40 with SockJS 0.3.15 + Faye-Websocket 0.9.4.

Do you think Faye-Websocket's behavior here is correct? If so, how could I catch such an exception and fail the connection before it crashes my app?

Thanks in advance for your help!

Answer 1 · 2015-09-16T20:14:14.000Z

Any suggestions on how to address this? Is it a Faye-Websocket bug?

Answer 2 · 2015-09-18T09:51:17.000Z

When this happens, can you log out the sec-websocket-key{1,2} headers and share them here?

Answer 3 · 2015-10-01T06:23:41.000Z

The same issue has been reported against websocket-driver which is where the error is happening. Please comment on faye/websocket-driver-node#16 if you have more info.