From 1d5bb90cb0a1b457570019845fed207faed67a99 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 21 Apr 2024 20:34:58 +0200
Subject: Adding upstream version 115.10.0esr.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 netwerk/protocol/http/Http2Session.cpp      | 21 +++++++++++----------
 netwerk/protocol/http/nsHttpHandler.cpp     |  7 -------
 netwerk/protocol/http/nsHttpHandler.h       |  7 -------
 netwerk/protocol/http/nsHttpTransaction.cpp |  2 +-
 4 files changed, 12 insertions(+), 25 deletions(-)

(limited to 'netwerk/protocol')

diff --git a/netwerk/protocol/http/Http2Session.cpp b/netwerk/protocol/http/Http2Session.cpp
index d2236ab3ad..3f9757b419 100644
--- a/netwerk/protocol/http/Http2Session.cpp
+++ b/netwerk/protocol/http/Http2Session.cpp
@@ -1416,6 +1416,13 @@ nsresult Http2Session::RecvHeaders(Http2Session* self) {
     return self->SessionError(PROTOCOL_ERROR);
   }
 
+  uint32_t frameSize = self->mInputFrameDataSize - paddingControlBytes -
+                       priorityLen - paddingLength;
+  if (self->mAggregatedHeaderSize + frameSize >
+      StaticPrefs::network_http_max_response_header_size()) {
+    LOG(("Http2Session %p header exceeds the limit\n", self));
+    return self->SessionError(PROTOCOL_ERROR);
+  }
   if (!self->mInputFrameDataStream) {
     // Cannot find stream. We can continue the session, but we need to
     // uncompress the header block to maintain the correct compression context
@@ -1432,8 +1439,7 @@ nsresult Http2Session::RecvHeaders(Http2Session* self) {
     self->mDecompressBuffer.Append(
         &self->mInputFrameBuffer[kFrameHeaderBytes + paddingControlBytes +
                                  priorityLen],
-        self->mInputFrameDataSize - paddingControlBytes - priorityLen -
-            paddingLength);
+        frameSize);
 
     if (self->mInputFrameFlags & kFlag_END_HEADERS) {
       rv = self->UncompressAndDiscard(false);
@@ -1463,21 +1469,16 @@ nsresult Http2Session::RecvHeaders(Http2Session* self) {
   self->mDecompressBuffer.Append(
       &self->mInputFrameBuffer[kFrameHeaderBytes + paddingControlBytes +
                                priorityLen],
-      self->mInputFrameDataSize - paddingControlBytes - priorityLen -
-          paddingLength);
+      frameSize);
 
   self->mInputFrameDataStream->UpdateTransportReadEvents(
       self->mInputFrameDataSize);
   self->mLastDataReadEpoch = self->mLastReadEpoch;
 
   if (!isContinuation) {
-    self->mAggregatedHeaderSize = self->mInputFrameDataSize -
-                                  paddingControlBytes - priorityLen -
-                                  paddingLength;
+    self->mAggregatedHeaderSize = frameSize;
   } else {
-    self->mAggregatedHeaderSize += self->mInputFrameDataSize -
-                                   paddingControlBytes - priorityLen -
-                                   paddingLength;
+    self->mAggregatedHeaderSize += frameSize;
   }
 
   if (!endHeadersFlag) {  // more are coming - don't process yet
diff --git a/netwerk/protocol/http/nsHttpHandler.cpp b/netwerk/protocol/http/nsHttpHandler.cpp
index e20e0fa400..3fc3b7fa1b 100644
--- a/netwerk/protocol/http/nsHttpHandler.cpp
+++ b/netwerk/protocol/http/nsHttpHandler.cpp
@@ -1440,13 +1440,6 @@ void nsHttpHandler::PrefsChanged(const char* pref) {
     }
   }
 
-  if (PREF_CHANGED(HTTP_PREF("max_response_header_size"))) {
-    rv = Preferences::GetInt(HTTP_PREF("max_response_header_size"), &val);
-    if (NS_SUCCEEDED(rv)) {
-      mMaxHttpResponseHeaderSize = val;
-    }
-  }
-
   if (PREF_CHANGED(HTTP_PREF("throttle.enable"))) {
     rv = Preferences::GetBool(HTTP_PREF("throttle.enable"), &mThrottleEnabled);
     if (NS_SUCCEEDED(rv) && mConnMgr) {
diff --git a/netwerk/protocol/http/nsHttpHandler.h b/netwerk/protocol/http/nsHttpHandler.h
index cf745347ee..ba0b3114e6 100644
--- a/netwerk/protocol/http/nsHttpHandler.h
+++ b/netwerk/protocol/http/nsHttpHandler.h
@@ -447,10 +447,6 @@ class nsHttpHandler final : public nsIHttpProtocolHandler,
     return (uint16_t)mHttp3MaxBlockedStreams;
   }
 
-  uint32_t MaxHttpResponseHeaderSize() const {
-    return mMaxHttpResponseHeaderSize;
-  }
-
   const nsCString& Http3QlogDir();
 
   float FocusedWindowTransactionRatio() const {
@@ -730,9 +726,6 @@ class nsHttpHandler final : public nsIHttpProtocolHandler,
 
   nsCString mHttp3QlogDir;
 
-  // The max size (in bytes) for received Http response header.
-  uint32_t mMaxHttpResponseHeaderSize{393216};
-
   // The ratio for dispatching transactions from the focused window.
   float mFocusedWindowTransactionRatio{0.9f};
 
diff --git a/netwerk/protocol/http/nsHttpTransaction.cpp b/netwerk/protocol/http/nsHttpTransaction.cpp
index fcfbdb6503..32fa0fef39 100644
--- a/netwerk/protocol/http/nsHttpTransaction.cpp
+++ b/netwerk/protocol/http/nsHttpTransaction.cpp
@@ -2477,7 +2477,7 @@ nsresult nsHttpTransaction::ProcessData(char* buf, uint32_t count,
 
     mCurrentHttpResponseHeaderSize += bytesConsumed;
     if (mCurrentHttpResponseHeaderSize >
-        gHttpHandler->MaxHttpResponseHeaderSize()) {
+        StaticPrefs::network_http_max_response_header_size()) {
       LOG(("nsHttpTransaction %p The response header exceeds the limit.\n",
            this));
       return NS_ERROR_FILE_TOO_BIG;
-- 
cgit v1.2.3