Skip to content

Commit

Permalink
HTTP/2: close connection on zero WINDOW_UPDATE.
Browse files Browse the repository at this point in the history 
Don't waste server resources by sending RST_STREAM frames.  Instead,
reject WINDOW_UPDATE frames with invalid zero increment by closing
connection with PROTOCOL_ERROR.
  • Loading branch information
@mdocguard
mdocguard committed Sep 10, 2019
1 parent 456e213 commit c3f8098
Showing 1 changed file with 3 additions and 33 deletions.
36 changes: 3 additions & 33 deletions src/http/v2/ngx_http_v2.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2231,41 +2231,11 @@ ngx_http_v2_state_window_update(ngx_http_v2_connection_t *h2c, u_char *pos,
h2c->state.sid, window);

if (window == 0) {
if (h2c->state.sid == 0) {
ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
"client sent WINDOW_UPDATE frame "
"with incorrect window increment 0");

return ngx_http_v2_connection_error(h2c,
NGX_HTTP_V2_PROTOCOL_ERROR);
}

ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
"client sent WINDOW_UPDATE frame for stream %ui "
"with incorrect window increment 0", h2c->state.sid);

node = ngx_http_v2_get_node_by_id(h2c, h2c->state.sid, 0);

if (node && node->stream) {
if (ngx_http_v2_terminate_stream(h2c, node->stream,
NGX_HTTP_V2_PROTOCOL_ERROR)
== NGX_ERROR)
{
return ngx_http_v2_connection_error(h2c,
NGX_HTTP_V2_INTERNAL_ERROR);
}

} else {
if (ngx_http_v2_send_rst_stream(h2c, h2c->state.sid,
NGX_HTTP_V2_PROTOCOL_ERROR)
== NGX_ERROR)
{
return ngx_http_v2_connection_error(h2c,
NGX_HTTP_V2_INTERNAL_ERROR);
}
}
"client sent WINDOW_UPDATE frame "
"with incorrect window increment 0");

return ngx_http_v2_state_complete(h2c, pos, end);
return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_PROTOCOL_ERROR);
}

if (h2c->state.sid) {
Expand Down

0 comments on commit c3f8098

Please sign in to comment.