You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by ma...@apache.org on 2017/03/24 14:25:37 UTC

svn commit: r1788458 - in /tomcat/trunk/java/org/apache/coyote/http2: HPackHuffman.java LocalStrings.properties

Author: markt
Date: Fri Mar 24 14:25:37 2017
New Revision: 1788458

URL: http://svn.apache.org/viewvc?rev=1788458&view=rev
Log:
Huffman encoded string literals must not have more that 7 bits of padding.

Modified:
    tomcat/trunk/java/org/apache/coyote/http2/HPackHuffman.java
    tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties

Modified: tomcat/trunk/java/org/apache/coyote/http2/HPackHuffman.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/HPackHuffman.java?rev=1788458&r1=1788457&r2=1788458&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http2/HPackHuffman.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http2/HPackHuffman.java Fri Mar 24 14:25:37 2017
@@ -406,6 +406,9 @@ public class HPackHuffman {
                 }
                 bitPos--;
             }
+            if (bitPos < 0) {
+                throw new HpackException(sm.getString("hpackhuffman.stringLiteralTooMuchPadding"));
+            }
         }
         if (!eosBits) {
             throw new HpackException(sm.getString(

Modified: tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties?rev=1788458&r1=1788457&r2=1788458&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties (original)
+++ tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties Fri Mar 24 14:25:37 2017
@@ -40,6 +40,7 @@ hpackdecoder.tableSizeUpdateNotAtStart=A
 hpackEncoder.encodeHeader=Encoding header [{0}] with value [{1}]
 
 hpackhuffman.huffmanEncodedHpackValueDidNotEndWithEOS=Huffman encoded value in HPACK headers did not end with EOS padding
+hpackhuffman.stringLiteralTooMuchPadding=More than 7 bits of padding were provided at the end of an Huffman encoded string literal
 
 http2Parser.headerLimitCount=Connection [{0}], Stream [{1}], Too many headers
 http2Parser.headerLimitSize=Connection [{0}], Stream [{1}], Total header size too big



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org