You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by ca...@apache.org on 2020/07/18 00:10:31 UTC
[trafficserver] branch 7.1.x updated: Backport 7.1.x: Add range
check of Http2SettingsIdentifier (#7009)
This is an automated email from the ASF dual-hosted git repository.
calavera pushed a commit to branch 7.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/7.1.x by this push:
new 37bd096 Backport 7.1.x: Add range check of Http2SettingsIdentifier (#7009)
37bd096 is described below
commit 37bd0968ac5fcb27eb9364fe9ab554f395a2dc80
Author: tomoatan <68...@users.noreply.github.com>
AuthorDate: Sat Jul 18 09:10:17 2020 +0900
Backport 7.1.x: Add range check of Http2SettingsIdentifier (#7009)
* Add range check of Http2SettingsIdentifier
* Coverity 1373300: Use of untrusted scalar value
Co-authored-by: Masaori Koshiba <ma...@apache.org>
---
proxy/http2/Http2ConnectionState.h | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/proxy/http2/Http2ConnectionState.h b/proxy/http2/Http2ConnectionState.h
index 925ccb8..cf7ab64 100644
--- a/proxy/http2/Http2ConnectionState.h
+++ b/proxy/http2/Http2ConnectionState.h
@@ -70,7 +70,7 @@ public:
unsigned
get(Http2SettingsIdentifier id) const
{
- if (id < HTTP2_SETTINGS_MAX) {
+ if (0 < id && id < HTTP2_SETTINGS_MAX) {
return this->settings[indexof(id)];
} else {
ink_assert(!"Bad Settings Identifier");
@@ -82,7 +82,7 @@ public:
unsigned
set(Http2SettingsIdentifier id, unsigned value)
{
- if (id < HTTP2_SETTINGS_MAX) {
+ if (0 < id && id < HTTP2_SETTINGS_MAX) {
return this->settings[indexof(id)] = value;
} else {
// Do nothing - 6.5.2 Unsupported parameters MUST be ignored
@@ -96,7 +96,7 @@ private:
static unsigned
indexof(Http2SettingsIdentifier id)
{
- ink_assert(id < HTTP2_SETTINGS_MAX);
+ ink_assert(0 < id && id < HTTP2_SETTINGS_MAX);
return id - 1;
}