IntenseWebs/nginx
3
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

HTTP/2: rejecting invalid stream identifiers with PROTOCOL_ERROR.

Browse Source 
Prodded by Xu Yang.
This commit is contained in:
Sergey Kandaurov 2020-09-02 23:13:36 +03:00
parent 554916301c
commit b1274232db
1 changed files with 31 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
src/http/v2/ngx_http_v2.c
View File

@ -953,6 +953,13 @@ ngx_http_v2_state_data(ngx_http_v2_connection_t *h2c, u_char *pos, u_char *end)
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0, ngx_log_debug0(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
"http2 DATA frame"); "http2 DATA frame");
if (h2c->state.sid == 0) {
ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
"client sent DATA frame with incorrect identifier");
return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_PROTOCOL_ERROR);
}
if (size > h2c->recv_window) { if (size > h2c->recv_window) {
ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0, ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
"client violated connection flow control: " "client violated connection flow control: "
@ -2095,6 +2102,16 @@ static u_char *
ngx_http_v2_state_settings(ngx_http_v2_connection_t *h2c, u_char *pos, ngx_http_v2_state_settings(ngx_http_v2_connection_t *h2c, u_char *pos,
u_char *end) u_char *end)
{ {
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
"http2 SETTINGS frame");
if (h2c->state.sid) {
ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
"client sent SETTINGS frame with incorrect identifier");
return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_PROTOCOL_ERROR);
}
if (h2c->state.flags == NGX_HTTP_V2_ACK_FLAG) { if (h2c->state.flags == NGX_HTTP_V2_ACK_FLAG) {
if (h2c->state.length != 0) { if (h2c->state.length != 0) {
@ -2118,9 +2135,6 @@ ngx_http_v2_state_settings(ngx_http_v2_connection_t *h2c, u_char *pos,
return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_SIZE_ERROR); return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_SIZE_ERROR);
} }
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
"http2 SETTINGS frame");
return ngx_http_v2_state_settings_params(h2c, pos, end); return ngx_http_v2_state_settings_params(h2c, pos, end);
} }
@ -2269,6 +2283,13 @@ ngx_http_v2_state_ping(ngx_http_v2_connection_t *h2c, u_char *pos, u_char *end)
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0, ngx_log_debug0(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
"http2 PING frame"); "http2 PING frame");
if (h2c->state.sid) {
ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
"client sent PING frame with incorrect identifier");
return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_PROTOCOL_ERROR);
}
if (h2c->state.flags & NGX_HTTP_V2_ACK_FLAG) { if (h2c->state.flags & NGX_HTTP_V2_ACK_FLAG) {
return ngx_http_v2_state_skip(h2c, pos, end); return ngx_http_v2_state_skip(h2c, pos, end);
} }
@ -2310,6 +2331,13 @@ ngx_http_v2_state_goaway(ngx_http_v2_connection_t *h2c, u_char *pos,
return ngx_http_v2_state_save(h2c, pos, end, ngx_http_v2_state_goaway); return ngx_http_v2_state_save(h2c, pos, end, ngx_http_v2_state_goaway);
} }
if (h2c->state.sid) {
ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
"client sent GOAWAY frame with incorrect identifier");
return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_PROTOCOL_ERROR);
}
#if (NGX_DEBUG) #if (NGX_DEBUG)
h2c->state.length -= NGX_HTTP_V2_GOAWAY_SIZE; h2c->state.length -= NGX_HTTP_V2_GOAWAY_SIZE;