[PATCH] HTTP/2: emit PROTOCOL_ERROR on invalid WINDOW_UPDATE increments
Piotr Sikora
piotrsikora at google.com
Thu Mar 30 00:47:42 UTC 2017
Hey Valentin,
> Here's my version of the patch.
> It's made similar to ngx_http_v2_state_priority().
>
> # HG changeset patch
> # User Valentin Bartenev <vbart at nginx.com>
> # Date 1490721720 -10800
> # Tue Mar 28 20:22:00 2017 +0300
> # Node ID 3e798c552767068056c0251d7b6bd9ffd2587fc0
> # Parent ce37362a7a70c0acd14ba01c8c2223b366b62233
> HTTP/2: rejecting zero WINDOW_UPDATE with PROTOCOL_ERROR.
>
> It's required by RFC 7540. While there is no real harm from such frames,
> that should help to detect broken clients.
>
> Prodded by Piotr Sikora.
s/Prodded/Based on a patch/.
> diff -r ce37362a7a70 -r 3e798c552767 src/http/v2/ngx_http_v2.c
> --- a/src/http/v2/ngx_http_v2.c Tue Mar 28 18:15:42 2017 +0300
> +++ b/src/http/v2/ngx_http_v2.c Tue Mar 28 20:22:00 2017 +0300
> @@ -2161,6 +2161,40 @@ ngx_http_v2_state_window_update(ngx_http
> "http2 WINDOW_UPDATE frame sid:%ui window:%uz",
> h2c->state.sid, window);
>
> + if (window == 0) {
> + ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
> + "client sent WINDOW_UPDATE frame "
> + "with incorrect window increment 0");
I don't think that omitting Stream ID is a good idea.
Looks good, otherwise.
Best regards,
Piotr Sikora
More information about the nginx-devel
mailing list