summaryrefslogtreecommitdiffstats
path: root/netwerk/protocol/http/Http2Session.cpp
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-21 18:34:59 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-21 18:34:59 +0000
commitb0410fc20c45227756a7bbdcff65e29eb0bc4d91 (patch)
tree36bdaeed45bddfc236ac77adf672339174b3c9b3 /netwerk/protocol/http/Http2Session.cpp
parentAdding debian version 115.9.1esr-1~deb12u1. (diff)
downloadfirefox-esr-b0410fc20c45227756a7bbdcff65e29eb0bc4d91.tar.xz
firefox-esr-b0410fc20c45227756a7bbdcff65e29eb0bc4d91.zip
Merging upstream version 115.10.0esr.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'netwerk/protocol/http/Http2Session.cpp')
-rw-r--r--netwerk/protocol/http/Http2Session.cpp21
1 files changed, 11 insertions, 10 deletions
diff --git a/netwerk/protocol/http/Http2Session.cpp b/netwerk/protocol/http/Http2Session.cpp
index d2236ab3ad..3f9757b419 100644
--- a/netwerk/protocol/http/Http2Session.cpp
+++ b/netwerk/protocol/http/Http2Session.cpp
@@ -1416,6 +1416,13 @@ nsresult Http2Session::RecvHeaders(Http2Session* self) {
return self->SessionError(PROTOCOL_ERROR);
}
+ uint32_t frameSize = self->mInputFrameDataSize - paddingControlBytes -
+ priorityLen - paddingLength;
+ if (self->mAggregatedHeaderSize + frameSize >
+ StaticPrefs::network_http_max_response_header_size()) {
+ LOG(("Http2Session %p header exceeds the limit\n", self));
+ return self->SessionError(PROTOCOL_ERROR);
+ }
if (!self->mInputFrameDataStream) {
// Cannot find stream. We can continue the session, but we need to
// uncompress the header block to maintain the correct compression context
@@ -1432,8 +1439,7 @@ nsresult Http2Session::RecvHeaders(Http2Session* self) {
self->mDecompressBuffer.Append(
&self->mInputFrameBuffer[kFrameHeaderBytes + paddingControlBytes +
priorityLen],
- self->mInputFrameDataSize - paddingControlBytes - priorityLen -
- paddingLength);
+ frameSize);
if (self->mInputFrameFlags & kFlag_END_HEADERS) {
rv = self->UncompressAndDiscard(false);
@@ -1463,21 +1469,16 @@ nsresult Http2Session::RecvHeaders(Http2Session* self) {
self->mDecompressBuffer.Append(
&self->mInputFrameBuffer[kFrameHeaderBytes + paddingControlBytes +
priorityLen],
- self->mInputFrameDataSize - paddingControlBytes - priorityLen -
- paddingLength);
+ frameSize);
self->mInputFrameDataStream->UpdateTransportReadEvents(
self->mInputFrameDataSize);
self->mLastDataReadEpoch = self->mLastReadEpoch;
if (!isContinuation) {
- self->mAggregatedHeaderSize = self->mInputFrameDataSize -
- paddingControlBytes - priorityLen -
- paddingLength;
+ self->mAggregatedHeaderSize = frameSize;
} else {
- self->mAggregatedHeaderSize += self->mInputFrameDataSize -
- paddingControlBytes - priorityLen -
- paddingLength;
+ self->mAggregatedHeaderSize += frameSize;
}
if (!endHeadersFlag) { // more are coming - don't process yet