[PATCH] HTTP/2: emit PROTOCOL_ERROR on invalid WINDOW_UPDATE increments
Piotr Sikora
piotrsikora at google.com
Tue Mar 28 10:52:07 UTC 2017
# HG changeset patch
# User Piotr Sikora <piotrsikora at google.com>
# Date 1490516706 25200
# Sun Mar 26 01:25:06 2017 -0700
# Node ID ccb36c87291e38d1a63224d143cbeaa4ee4a4287
# Parent 22be63bf21edaa1b8ea916c7d8cd4e5fe4892061
HTTP/2: emit PROTOCOL_ERROR on invalid WINDOW_UPDATE increments.
Signed-off-by: Piotr Sikora <piotrsikora at google.com>
diff -r 22be63bf21ed -r ccb36c87291e src/http/v2/ngx_http_v2.c
--- a/src/http/v2/ngx_http_v2.c
+++ b/src/http/v2/ngx_http_v2.c
@@ -2168,11 +2168,42 @@ ngx_http_v2_state_window_update(ngx_http
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
"unknown http2 stream");
+ if (window == 0) {
+ ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
+ "client sent WINDOW_UPDATE frame for unknown "
+ "stream %ui with incorrect window increment 0",
+ h2c->state.sid);
+
+ if (ngx_http_v2_send_rst_stream(h2c, h2c->state.sid,
+ NGX_HTTP_V2_PROTOCOL_ERROR)
+ == NGX_ERROR)
+ {
+ return ngx_http_v2_connection_error(h2c,
+ NGX_HTTP_V2_INTERNAL_ERROR);
+ }
+ }
+
return ngx_http_v2_state_complete(h2c, pos, end);
}
stream = node->stream;
+ if (window == 0) {
+ ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
+ "client sent WINDOW_UPDATE frame for stream %ui "
+ "with incorrect window increment 0", h2c->state.sid);
+
+ if (ngx_http_v2_terminate_stream(h2c, stream,
+ NGX_HTTP_V2_PROTOCOL_ERROR)
+ == NGX_ERROR)
+ {
+ return ngx_http_v2_connection_error(h2c,
+ NGX_HTTP_V2_INTERNAL_ERROR);
+ }
+
+ return ngx_http_v2_state_complete(h2c, pos, end);
+ }
+
if (window > (size_t) (NGX_HTTP_V2_MAX_WINDOW - stream->send_window)) {
ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
@@ -2211,6 +2242,14 @@ ngx_http_v2_state_window_update(ngx_http
return ngx_http_v2_state_complete(h2c, pos, end);
}
+ if (window == 0) {
+ ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
+ "client sent WINDOW_UPDATE frame "
+ "with incorrect window increment 0");
+
+ return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_PROTOCOL_ERROR);
+ }
+
if (window > NGX_HTTP_V2_MAX_WINDOW - h2c->send_window) {
ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
"client violated connection flow control: "
More information about the nginx-devel
mailing list