mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-22 06:11:32 +02:00
Code Issues Projects Releases Wiki Activity

BUG/MINOR: h2: reject incorrect stream dependencies on HEADERS frame

Browse Source 
We currently don't use stream dependencies, but as reported by h2spec,
the spec requires that we reject streams that depend on themselves in
HEADERS frames.

To backport to 1.8.
This commit is contained in:
Willy Tarreau 2017-12-03 19:24:50 +01:00
parent 1b38b46ab7
commit 18b86cd074
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/mux_h2.c
View File

@ -2465,6 +2465,12 @@ static int h2_frt_decode_headers(struct h2s *h2s, struct buffer *buf, int count)
/* Skip StreamDep and weight for now (we don't support PRIORITY) */
if (h2c->dff & H2_F_HEADERS_PRIORITY) {
if (read_n32(hdrs) == h2s->id) {
/* RFC7540#5.3.1 : stream dep may not depend on itself */
h2c_error(h2c, H2_ERR_PROTOCOL_ERROR);
return 0;//goto fail_stream;
}
hdrs += 5; // stream dep = 4, weight = 1
flen -= 5;
}