From ddfc40eabdbc59a607b568e946fb116dcd3439fd Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sat, 13 Apr 2024 14:20:30 +0200
Subject: Adding upstream version 2.9.7.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 src/qpack-dec.c | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

(limited to 'src/qpack-dec.c')

diff --git a/src/qpack-dec.c b/src/qpack-dec.c
index 97392bb..7a8726f 100644
--- a/src/qpack-dec.c
+++ b/src/qpack-dec.c
@@ -135,6 +135,19 @@ int qpack_decode_enc(struct buffer *buf, int fin, void *ctx)
 	}
 	else if (inst & QPACK_ENC_INST_SDTC_BIT) {
 		/* Set dynamic table capacity */
+		int capacity = *b_head(buf) & 0x1f;
+
+		/* RFC 9204 4.3.1. Set Dynamic Table Capacity
+		 *
+		 * The decoder MUST treat a new dynamic table capacity
+		 * value that exceeds this limit as a connection error of type
+		 * QPACK_ENCODER_STREAM_ERROR.
+		 */
+		if (capacity) {
+			qcc_set_error(qcs->qcc, QPACK_ENCODER_STREAM_ERROR, 1);
+			return -1;
+		}
+
 	}
 
 	return 0;
@@ -173,6 +186,18 @@ int qpack_decode_dec(struct buffer *buf, int fin, void *ctx)
 	inst = (unsigned char)*b_head(buf) & QPACK_DEC_INST_BITMASK;
 	if (inst == QPACK_DEC_INST_ICINC) {
 		/* Insert count increment */
+
+		/* RFC 9204 4.4.3. Insert Count Increment
+		 *
+		 * An encoder that receives an Increment field equal to zero, or one
+		 * that increases the Known Received Count beyond what the encoder has
+		 * sent, MUST treat this as a connection error of type
+		 * QPACK_DECODER_STREAM_ERROR.
+		 */
+
+		/* For the moment haproxy does not emit dynamic table insertion. */
+		qcc_set_error(qcs->qcc, QPACK_DECODER_STREAM_ERROR, 1);
+		return -1;
 	}
 	else if (inst & QPACK_DEC_INST_SACK) {
 		/* Section Acknowledgment */
-- 
cgit v1.2.3