Fijxu/nginx-quic
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

HTTP/2: rejecting zero WINDOW_UPDATE with PROTOCOL_ERROR.

Browse source 
It's required by RFC 7540.  While there is no real harm from such frames,
that should help to detect broken clients.

Based on a patch by Piotr Sikora.
This commit is contained in:
Valentin Bartenev 2017-04-24 14:16:57 +03:00
parent 68443f18f6
commit e11a774eec
1 changed files with 38 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

38
src/http/v2/ngx_http_v2.c
View file

@ -2166,6 +2166,44 @@ ngx_http_v2_state_window_update(ngx_http_v2_connection_t *h2c, u_char *pos,
"http2 WINDOW_UPDATE frame sid:%ui window:%uz",
h2c->state.sid, window);
if (window == 0) {
if (h2c->state.sid == 0) {
ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
"client sent WINDOW_UPDATE frame "
"with incorrect window increment 0");
return ngx_http_v2_connection_error(h2c,
NGX_HTTP_V2_PROTOCOL_ERROR);
}
ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
"client sent WINDOW_UPDATE frame for stream %ui "
"with incorrect window increment 0", h2c->state.sid);
node = ngx_http_v2_get_node_by_id(h2c, h2c->state.sid, 0);
if (node && node->stream) {
if (ngx_http_v2_terminate_stream(h2c, node->stream,
NGX_HTTP_V2_PROTOCOL_ERROR)
== NGX_ERROR)
{
return ngx_http_v2_connection_error(h2c,
NGX_HTTP_V2_INTERNAL_ERROR);
}
} else {
if (ngx_http_v2_send_rst_stream(h2c, h2c->state.sid,
NGX_HTTP_V2_PROTOCOL_ERROR)
== NGX_ERROR)
{
return ngx_http_v2_connection_error(h2c,
NGX_HTTP_V2_INTERNAL_ERROR);
}
}
return ngx_http_v2_state_complete(h2c, pos, end);
}
if (h2c->state.sid) {
node = ngx_http_v2_get_node_by_id(h2c, h2c->state.sid, 0);