[chore] http2: fix integer overflow in unconsumed_bytes_ #45974

Open
vishalmore90 wants to merge 1 commit into envoyproxy:main from vishalmore90:fix-issue-45887

@vishalmore90

Commit Message: http2: fix integer overflow in unconsumed_bytes_

Change the type of unconsumed_bytes_ from uint32_t to uint64_t in ConnectionImpl::StreamImpl to prevent flow control state corruption due to integer overflow on read-disabled streams.

Additional Description:
When a stream is read-disabled, Envoy accumulates the number of unconsumed bytes received on the stream. When the stream is later read-enabled, Envoy reports the accumulated unconsumed bytes back to the HTTP/2 codec to restore the peer's flow control window. Because unconsumed_bytes_ was declared as a uint32_t, it could overflow if the peer sent more than 4 GB of data before the stream was read-enabled, leading to connection/stream flow control corruption (stalls or data floods). Changing the type to uint64_t prevents this overflow.

Risk Level: Low (Simple type conversion, fully backward-compatible)

Testing: Added a unit test UnconsumedBytesOverflowPrevention in codec_impl_test.cc that simulates the addition of bytes beyond UINT32_MAX and verifies it doesn't wrap around.

Docs Changes: N/A
Release Notes: N/A

Signed-off-by: vishal <httpsvishal07@gmail.com>
@vishalmore90 vishalmore90 requested a deployment to external-contributors July 4, 2026 17:47 — with GitHub Actions Waiting
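
The wraparound described in the PR description above, as an added example that is not code from the pull request or from Envoy. `StreamModel`, `onData`, `readEnable` and `lostCredit` are hypothetical names, and the frame size and frame count are constructed input.

```cpp
// Added illustration: a simplified model, not Envoy's ConnectionImpl::StreamImpl.
#include <cstdint>
#include <iostream>
#include <limits>

// Hypothetical stand-in for a read-disabled stream's byte accounting.
template <typename Counter> struct StreamModel {
  Counter unconsumed_bytes = 0; // bytes received while read-disabled
  bool overflowed = false;      // an addition did not fit in Counter

  // Called for each DATA payload that arrives while reads are disabled.
  void onData(uint32_t len) {
    if (len > std::numeric_limits<Counter>::max() - unconsumed_bytes) {
      overflowed = true; // detection point: the next line is about to wrap
    }
    unconsumed_bytes = static_cast<Counter>(unconsumed_bytes + len);
  }

  // Called on read-enable: the byte count handed back to the codec.
  uint64_t readEnable() {
    const uint64_t credited = unconsumed_bytes;
    unconsumed_bytes = 0;
    return credited;
  }
};

// Feeds `frames` payloads of `frame_len` bytes, then read-enables the stream.
// Returns received minus credited: window bytes the peer never gets back.
template <typename Counter>
uint64_t lostCredit(uint64_t frames, uint32_t frame_len, bool* overflowed = nullptr) {
  StreamModel<Counter> s;
  for (uint64_t i = 0; i < frames; ++i) s.onData(frame_len);
  if (overflowed != nullptr) *overflowed = s.overflowed;
  return frames * frame_len - s.readEnable();
}

int main() {
  // Constructed input: 262145 payloads of 16384 bytes = 2^32 + 16384 bytes.
  const uint64_t frames = 262145;
  const uint32_t len = 16384;
  bool wrapped = false;
  std::cout << "uint32_t lost credit: " << lostCredit<uint32_t>(frames, len, &wrapped)
            << " (overflow detected: " << wrapped << ")\n";
  std::cout << "uint64_t lost credit: " << lostCredit<uint64_t>(frames, len) << "\n";
  return 0;
}
```
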
@repokitteh-read-only

Hi @vishalmore90, welcome and thank you for your contribution.

We will try to review your Pull Request as quickly as possible.

In the meantime, please take a look at the contribution guidelines if you have not done so already.

🐱

Caused by: #45974 was opened by vishalmore90.

see: more, trace.
