Skip to content

HPACK circular overflow #12190 #12782

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 1, 2019
Merged

HPACK circular overflow #12190 #12782

merged 1 commit into from
Aug 1, 2019

Conversation

Tratcher
Copy link
Member

@anurse 3.0 candidate

Description
When the client tries to intern more than 127 entries in the dynamic header table it reaches the end of the circular buffer and fails to properly wrap.

Customer Impact
Multiple external reports, depends on client input, hard to diagnose, and with no mitigation but to disable HTTP/2.
#12190
#12045

Regression? No

Risk
Low. Once we understood the repro the fix was simple and easy to test.

@geoffkizer This bug also exists in corefx:
https://github.com/dotnet/corefx/blob/06d215d9fe6fff08f81add5ed341641f668075c0/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/HPack/DynamicTable.cs#L37

@Tratcher Tratcher added this to the 3.0.0-preview9 milestone Jul 31, 2019
@Tratcher Tratcher requested review from halter73 and jkotalik July 31, 2019 22:22
@Tratcher Tratcher requested a review from analogrelay as a code owner July 31, 2019 22:22
@Tratcher Tratcher self-assigned this Jul 31, 2019
@analogrelay
Copy link
Contributor

Looks good and OK with me for ask-mode. Apply the label when review approvals are received.

@Tratcher Tratcher mentioned this pull request Aug 1, 2019
Merged
scalablecory
scalablecory approved these changes Aug 1, 2019
View reviewed changes
Copy link
Contributor

@scalablecory scalablecory left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@Tratcher Tratcher added the ask-mode This issue / PR is a patch candidate which we will bar-check internally before patching it. label Aug 1, 2019
@analogrelay analogrelay self-assigned this Aug 1, 2019
@leecow
Copy link
Member

leecow commented Aug 1, 2019

Tactics approved

@Tratcher Tratcher merged commit 59f6b85 into release/3.0 Aug 1, 2019
@ghost ghost deleted the tratcher/hpack branch August 1, 2019 21:30
@Tratcher Tratcher mentioned this pull request Sep 3, 2019
Closed
@amcasey amcasey added area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions and removed area-runtime labels Jun 2, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@scalablecory scalablecory scalablecory approved these changes

@jkotalik jkotalik jkotalik approved these changes

@halter73 halter73 Awaiting requested review from halter73

@analogrelay analogrelay Awaiting requested review from analogrelay

Assignees

@analogrelay analogrelay

@Tratcher Tratcher

Labels
area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions ask-mode This issue / PR is a patch candidate which we will bar-check internally before patching it. feature-kestrel
Projects
None yet
Milestone
3.0.0-preview9
Development

Successfully merging this pull request may close these issues.
6 participants
@Tratcher @analogrelay @leecow @scalablecory @jkotalik @amcasey