You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2017/11/16 12:19:10 UTC
svn commit: r1815442 - in /tomcat/trunk:
java/org/apache/coyote/http2/HpackDecoder.java
java/org/apache/coyote/http2/LocalStrings.properties
webapps/docs/changelog.xml
Author: markt
Date: Thu Nov 16 12:19:10 2017
New Revision: 1815442
URL: http://svn.apache.org/viewvc?rev=1815442&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=61740
Correct an off-by-one error in the Hpack header index validation that caused intermittent request failures when using HTTP/2.
Modified:
tomcat/trunk/java/org/apache/coyote/http2/HpackDecoder.java
tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/coyote/http2/HpackDecoder.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/HpackDecoder.java?rev=1815442&r1=1815441&r2=1815442&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http2/HpackDecoder.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http2/HpackDecoder.java Thu Nov 16 12:19:10 2017
@@ -240,8 +240,11 @@ public class HpackDecoder {
if (index <= Hpack.STATIC_TABLE_LENGTH) {
return Hpack.STATIC_TABLE[index].name;
} else {
- if (index >= Hpack.STATIC_TABLE_LENGTH + filledTableSlots) {
- throw new HpackException();
+ // index is 1 based
+ if (index > Hpack.STATIC_TABLE_LENGTH + filledTableSlots) {
+ throw new HpackException(sm.getString("hpackdecoder.headerTableIndexInvalid",
+ Integer.valueOf(index), Integer.valueOf(Hpack.STATIC_TABLE_LENGTH),
+ Integer.valueOf(filledTableSlots)));
}
int adjustedIndex = getRealIndex(index - Hpack.STATIC_TABLE_LENGTH);
Hpack.HeaderField res = headerTable[adjustedIndex];
Modified: tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties?rev=1815442&r1=1815441&r2=1815442&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties (original)
+++ tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties Thu Nov 16 12:19:10 2017
@@ -34,6 +34,7 @@ frameType.checkStream=Invalid frame type
hpack.integerEncodedOverTooManyOctets=HPACK variable length integer encoded over too many octets, max is [{0}]
hpack.invalidCharacter=The Unicode character [{0}] at code point [{1}] cannot be encoded as it is outside the permitted range of 0 to 255.
+hpackdecoder.headerTableIndexInvalid=The header table index [{0}] is not valid as there are [{1}] static entries and [{2}] dynamic entries
hpackdecoder.tableSizeUpdateNotAtStart=Any table size update must be sent at the start of a header block
hpackdecoder.zeroNotValidHeaderTableIndex=Zero is not a valid header table index
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1815442&r1=1815441&r2=1815442&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Thu Nov 16 12:19:10 2017
@@ -110,6 +110,11 @@
<bug>61719</bug>: Avoid possible NPE calling
InputStream.setReadListener with HTTP/2. (remm)
</fix>
+ <fix>
+ <bug>61740</bug>: Correct an off-by-one error in the Hpack header index
+ validation that caused intermittent request failures when using HTTP/2.
+ (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Jasper">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org