summaryrefslogtreecommitdiffstats
path: root/netwerk/protocol/http/Http2Session.cpp
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 01:13:27 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 01:13:27 +0000
commit40a355a42d4a9444dc753c04c6608dade2f06a23 (patch)
tree871fc667d2de662f171103ce5ec067014ef85e61 /netwerk/protocol/http/Http2Session.cpp
parentAdding upstream version 124.0.1. (diff)
downloadfirefox-40a355a42d4a9444dc753c04c6608dade2f06a23.tar.xz
firefox-40a355a42d4a9444dc753c04c6608dade2f06a23.zip
Adding upstream version 125.0.1.upstream/125.0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'netwerk/protocol/http/Http2Session.cpp')
-rw-r--r--netwerk/protocol/http/Http2Session.cpp23
1 files changed, 12 insertions, 11 deletions
diff --git a/netwerk/protocol/http/Http2Session.cpp b/netwerk/protocol/http/Http2Session.cpp
index e969d60c4d..d5793b2147 100644
--- a/netwerk/protocol/http/Http2Session.cpp
+++ b/netwerk/protocol/http/Http2Session.cpp
@@ -223,7 +223,7 @@ void Http2Session::ShutdownStream(Http2StreamBase* aStream, nsresult aReason) {
CloseStream(aStream, NS_ERROR_NET_INADEQUATE_SECURITY);
} else if (!mCleanShutdown && (mGoAwayReason != NO_HTTP_ERROR)) {
CloseStream(aStream, NS_ERROR_NET_HTTP2_SENT_GOAWAY);
- } else if (!mCleanShutdown && SecurityErrorThatMayNeedRestart(aReason)) {
+ } else if (!mCleanShutdown && PossibleZeroRTTRetryError(aReason)) {
CloseStream(aStream, aReason);
} else {
CloseStream(aStream, NS_ERROR_ABORT);
@@ -1419,6 +1419,13 @@ nsresult Http2Session::RecvHeaders(Http2Session* self) {
return self->SessionError(PROTOCOL_ERROR);
}
+ uint32_t frameSize = self->mInputFrameDataSize - paddingControlBytes -
+ priorityLen - paddingLength;
+ if (self->mAggregatedHeaderSize + frameSize >
+ StaticPrefs::network_http_max_response_header_size()) {
+ LOG(("Http2Session %p header exceeds the limit\n", self));
+ return self->SessionError(PROTOCOL_ERROR);
+ }
if (!self->mInputFrameDataStream) {
// Cannot find stream. We can continue the session, but we need to
// uncompress the header block to maintain the correct compression context
@@ -1435,8 +1442,7 @@ nsresult Http2Session::RecvHeaders(Http2Session* self) {
self->mDecompressBuffer.Append(
&self->mInputFrameBuffer[kFrameHeaderBytes + paddingControlBytes +
priorityLen],
- self->mInputFrameDataSize - paddingControlBytes - priorityLen -
- paddingLength);
+ frameSize);
if (self->mInputFrameFlags & kFlag_END_HEADERS) {
rv = self->UncompressAndDiscard(false);
@@ -1466,21 +1472,16 @@ nsresult Http2Session::RecvHeaders(Http2Session* self) {
self->mDecompressBuffer.Append(
&self->mInputFrameBuffer[kFrameHeaderBytes + paddingControlBytes +
priorityLen],
- self->mInputFrameDataSize - paddingControlBytes - priorityLen -
- paddingLength);
+ frameSize);
self->mInputFrameDataStream->UpdateTransportReadEvents(
self->mInputFrameDataSize);
self->mLastDataReadEpoch = self->mLastReadEpoch;
if (!isContinuation) {
- self->mAggregatedHeaderSize = self->mInputFrameDataSize -
- paddingControlBytes - priorityLen -
- paddingLength;
+ self->mAggregatedHeaderSize = frameSize;
} else {
- self->mAggregatedHeaderSize += self->mInputFrameDataSize -
- paddingControlBytes - priorityLen -
- paddingLength;
+ self->mAggregatedHeaderSize += frameSize;
}
if (!endHeadersFlag) { // more are coming - don't process yet