Welcome! Log In Create A New Profile

Advanced

Re: ת����[PATCH] HTTP/2: check stream identifier other than 0 for GOAWAY frame

All files from this thread

File Name File Size   Posted by Date  
tip.patch 1.4 KB open | download Xu Yang 08/26/2020 Read message
Sergey Kandaurov
August 31, 2020 12:04PM
> On 26 Aug 2020, at 11:57, Xu Yang <yangxu0823@foxmail.com> wrote:
>
> Hi all,
> This is a patch for HTTP/2 GOAWAY frame process, please refer to the detail.
> thanks.

Please see a more complete patch below.

# HG changeset patch
# User Sergey Kandaurov <pluknet@nginx.com>
# Date 1598889483 -10800
# Mon Aug 31 18:58:03 2020 +0300
# Node ID 9a88a26f9dfca4effbe0b0ce97d0a569d1b3026d
# Parent 7015f26aef904e2ec17b4b6f6387fd3b8298f79d
HTTP/2: reject invalid stream identifiers with PROTOCOL_ERROR.

Prodded by Xu Yang.

diff --git a/src/http/v2/ngx_http_v2.c b/src/http/v2/ngx_http_v2.c
--- a/src/http/v2/ngx_http_v2.c
+++ b/src/http/v2/ngx_http_v2.c
@@ -953,6 +953,13 @@ ngx_http_v2_state_data(ngx_http_v2_conne
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
"http2 DATA frame");

+ if (h2c->state.sid == 0) {
+ ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
+ "client sent DATA frame with incorrect identifier");
+
+ return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_PROTOCOL_ERROR);
+ }
+
if (size > h2c->recv_window) {
ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
"client violated connection flow control: "
@@ -2095,6 +2102,16 @@ static u_char *
ngx_http_v2_state_settings(ngx_http_v2_connection_t *h2c, u_char *pos,
u_char *end)
{
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+ "http2 SETTINGS frame");
+
+ if (h2c->state.sid) {
+ ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
+ "client sent SETTINGS frame with incorrect identifier");
+
+ return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_PROTOCOL_ERROR);
+ }
+
if (h2c->state.flags == NGX_HTTP_V2_ACK_FLAG) {

if (h2c->state.length != 0) {
@@ -2118,9 +2135,6 @@ ngx_http_v2_state_settings(ngx_http_v2_c
return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_SIZE_ERROR);
}

- ngx_log_debug0(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
- "http2 SETTINGS frame");
-
return ngx_http_v2_state_settings_params(h2c, pos, end);
}

@@ -2269,6 +2283,13 @@ ngx_http_v2_state_ping(ngx_http_v2_conne
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
"http2 PING frame");

+ if (h2c->state.sid) {
+ ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
+ "client sent PING frame with incorrect identifier");
+
+ return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_PROTOCOL_ERROR);
+ }
+
if (h2c->state.flags & NGX_HTTP_V2_ACK_FLAG) {
return ngx_http_v2_state_skip(h2c, pos, end);
}
@@ -2310,6 +2331,13 @@ ngx_http_v2_state_goaway(ngx_http_v2_con
return ngx_http_v2_state_save(h2c, pos, end, ngx_http_v2_state_goaway);
}

+ if (h2c->state.sid) {
+ ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
+ "client sent GOAWAY frame with incorrect identifier");
+
+ return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_PROTOCOL_ERROR);
+ }
+
#if (NGX_DEBUG)
h2c->state.length -= NGX_HTTP_V2_GOAWAY_SIZE;


--
Sergey Kandaurov

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

ת����[PATCH] HTTP/2: check stream identifier other than 0 for GOAWAY frame Attachments

Xu Yang August 26, 2020 04:58AM

Re: ת����[PATCH] HTTP/2: check stream identifier other than 0 for GOAWAY frame

Sergey Kandaurov August 31, 2020 12:04PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 77
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready