Forum List Message List New Topic Print View

Roman Arutyunyan

May 26, 2022 07:48AM

# HG changeset patch
# User Roman Arutyunyan <arut@nginx.com>
# Date 1653564901 -14400
# Thu May 26 15:35:01 2022 +0400
# Branch quic
# Node ID 9feb0196a87189b573757cc00a15ff0acf4d5f8c
# Parent c2f5d79cde64457f1fa7344c56a5248a677a7e46
HTTP/3: require that field section base index is not negative.

RFC 9204 explicitly requires that.

diff --git a/src/http/v3/ngx_http_v3_parse.c b/src/http/v3/ngx_http_v3_parse.c
--- a/src/http/v3/ngx_http_v3_parse.c
+++ b/src/http/v3/ngx_http_v3_parse.c
@@ -474,7 +474,12 @@ done:
}

if (st->sign) {
+ if (st->insert_count <= st->delta_base) {
+ return NGX_HTTP_V3_ERR_DECOMPRESSION_FAILED;
+ }
+
st->base = st->insert_count - st->delta_base - 1;
+
} else {
st->base = st->insert_count + st->delta_base;
}

_______________________________________________
nginx-devel mailing list -- nginx-devel@nginx.org
To unsubscribe send an email to nginx-devel-leave@nginx.org

Reply Quote

RSS

Subject	Author	Views	Posted
[PATCH] HTTP/3: require that field section base index is not negative	Roman Arutyunyan	277	May 26, 2022 07:48AM
Re: [PATCH] HTTP/3: require that field section base index is not negative	Sergey Kandaurov	107	May 26, 2022 09:06AM

Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 288

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018

[PATCH] HTTP/3: require that field section base index is not negative

Re: [PATCH] HTTP/3: require that field section base index is not negative

Online Users