[fix] Prevent allocation of memory through ping frames

Author: 3rd-Eden

lib/Sender.js

@@ -155,6 +155,14 @@ Sender.prototype.frameAndSend = function(opcode, data, finalFragment, maskData,
     if (data && (typeof data.byteLength !== 'undefined' || typeof data.buffer !== 'undefined')) {
       data = getArrayBuffer(data);
     } else {
+      //
+      // If people want to send a number, this would allocate the number in
+      // bytes as memory size instead of storing the number as buffer value. So
+      // we need to transform it to string in order to prevent possible
+      // vulnerabilities / memory attacks.
+      //
+      if (typeof data === 'number') data = data.toString();
+
       data = new Buffer(data);
     }
   }

lib/WebSocket.js

@@ -918,7 +918,7 @@ function cleanupWebsocketResources(error) {
   this._closeTimer = null;
 
   if (emitClose) {
-    // If the connection was closed abnormally (with an error), or if 
+    // If the connection was closed abnormally (with an error), or if
     // the close control frame was not received then the close code
     // must default to 1006.
     if (error || !this._closeReceived) {

test/WebSocket.test.js

@@ -40,7 +40,7 @@ describe('WebSocket', function() {
         done();
       }
     });
-    
+
     it('should return a new instance if called without new', function(done) {
       var ws = WebSocket('ws://localhost:' + port);
       ws.should.be.an.instanceOf(WebSocket);
@@ -585,6 +585,23 @@ describe('WebSocket', function() {
       });
     });
 
+    it('can send safely receive numbers as ping payload', function(done) {
+      server.createServer(++port, function(srv) {
+        var ws = new WebSocket('ws://localhost:' + port);
+
+        ws.on('open', function() {
+          ws.ping(200);
+        });
+
+        srv.on('ping', function(message) {
+          assert.equal('200', message);
+          srv.close();
+          ws.terminate();
+          done();
+        });
+      });
+    });
+
     it('with encoded message is successfully transmitted to the server', function(done) {
       server.createServer(++port, function(srv) {
         var ws = new WebSocket('ws://localhost:' + port);