nanoexpress / legacy

[Deprecated] Nano-framework for Node.js. Use PRO version
https://nanoexpress.js.org
Apache License 2.0

ws handler will parse invalid JSON strings without a try catch block causing server to crash on malformed inputs #106

Closed kran6a closed 4 years ago

kran6a commented 4 years ago

The bug is located in /src/handler/ws.js

The code fragment that causes the issue is this:

if (options.schema) {
  if (typeof message === 'string') {
    if (message.indexOf('[') === 0 || message.indexOf('{') === 0) {
      if (message.indexOf('[object') === -1) {
        // No try/catch here: malformed input makes JSON.parse() throw
        message = JSON.parse(message);
      }
    }
  }
}

The code will attempt to JSON.parse() a string like {keyWithoutQuotes:stringValueWithoutQuotes}, which is an invalid JSON object, causing JSON.parse() to throw.

dalisoft commented 4 years ago

Set {schema: false} and the code does not try to parse the message, like:

app.ws('/ws', { schema: false }, (req, ws) => { /* your logic here */ });
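
The failure reported in this issue next to a guarded parse, as an added example that is not part of the original thread or of the nanoexpress code base. The function names legacyDecode, safeDecode and classify are hypothetical, and the sample frames are constructed.

```javascript
// Added example; legacyDecode, safeDecode and classify are hypothetical names,
// not nanoexpress APIs.

// Same prefix checks as the fragment in the report; JSON.parse is unguarded.
function legacyDecode(message) {
  if (typeof message === 'string') {
    if (message.indexOf('[') === 0 || message.indexOf('{') === 0) {
      if (message.indexOf('[object') === -1) {
        return JSON.parse(message); // throws SyntaxError on malformed input
      }
    }
  }
  return message;
}

// Guarded variant: a parse failure becomes a value the handler can act on
// (for example by replying with an error frame or closing the socket)
// instead of an exception that escapes the message callback.
function safeDecode(message) {
  try {
    return { ok: true, value: legacyDecode(message) };
  } catch (err) {
    if (err instanceof SyntaxError) {
      return { ok: false, error: err.message };
    }
    throw err; // anything else is a real bug; do not swallow it
  }
}

// Constructed sample frames, including the malformed one from the report.
const frames = [
  '{"op":"ping"}',
  '{keyWithoutQuotes:stringValueWithoutQuotes}',
  '[1, 2',
  'plain text',
  '[object Object]',
];

// Map each frame to the decision a handler would take.
function classify(list) {
  return list.map((f) => (safeDecode(f).ok ? 'accepted' : 'rejected'));
}

console.log(classify(frames));
```

With `{ schema: false }` the handler receives the raw message, so a guard of this kind belongs in the handler's own parsing step.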