trafficserver git commit: TS-3986: Restore validations for flags of HTTP/2 Frame

Mon, 30 Nov 2015 13:00:13 -0800 

Repository: trafficserver
Updated Branches:
  refs/heads/master ef2e4ba28 -> cb8382a64


TS-3986: Restore validations for flags of HTTP/2 Frame

This closes #353


Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/cb8382a6
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/cb8382a6
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/cb8382a6

Branch: refs/heads/master
Commit: cb8382a64cebe3003085269497846a58c0a8febc
Parents: ef2e4ba
Author: Masakazu Kitajo <[email protected]>
Authored: Mon Nov 30 12:59:21 2015 -0800
Committer: Bryan Call <[email protected]>
Committed: Mon Nov 30 12:59:38 2015 -0800

----------------------------------------------------------------------
 proxy/http2/HTTP2.cc | 22 +++++++++++++++++-----
 1 file changed, 17 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/trafficserver/blob/cb8382a6/proxy/http2/HTTP2.cc
----------------------------------------------------------------------
diff --git a/proxy/http2/HTTP2.cc b/proxy/http2/HTTP2.cc
index 7789e90..195b9e1 100644
--- a/proxy/http2/HTTP2.cc
+++ b/proxy/http2/HTTP2.cc
@@ -113,8 +113,12 @@ http2_are_frame_flags_valid(uint8_t ftype, uint8_t fflags)
     HTTP2_FLAGS_WINDOW_UPDATE_MASK, HTTP2_FLAGS_CONTINUATION_MASK,
   };
 
-  // The frame flags are valid for this frame if nothing outside the defined
-  // bits is set.
+  if (ftype >= HTTP2_FRAME_TYPE_MAX) {
+    // Skip validation for Unkown frame type - [RFC 7540] 5.5. Extending HTTP/2
+    return true;
+  }
+
+  // The frame flags are valid for this frame if nothing outside the defined 
bits is set.
   return (fflags & ~mask[ftype]) == 0;
 }
 
@@ -122,8 +126,7 @@ bool
 http2_frame_header_is_valid(const Http2FrameHeader &hdr, unsigned 
max_frame_size)
 {
   if (!http2_are_frame_flags_valid(hdr.type, hdr.flags)) {
-    // XXX not working right now
-    // return false;
+    return false;
   }
 
   // 6.1 If a DATA frame is received whose stream identifier field is 0x0, the 
recipient MUST
@@ -849,7 +852,16 @@ const static struct {
                                    {HTTP2_FRAME_TYPE_CONTINUATION, 0x10, 
false},
                                    {HTTP2_FRAME_TYPE_CONTINUATION, 0x20, 
false},
                                    {HTTP2_FRAME_TYPE_CONTINUATION, 0x40, 
false},
-                                   {HTTP2_FRAME_TYPE_CONTINUATION, 0x80, 
false}};
+                                   {HTTP2_FRAME_TYPE_CONTINUATION, 0x80, 
false},
+                                   {HTTP2_FRAME_TYPE_MAX, 0x00, true},
+                                   {HTTP2_FRAME_TYPE_MAX, 0x01, true},
+                                   {HTTP2_FRAME_TYPE_MAX, 0x02, true},
+                                   {HTTP2_FRAME_TYPE_MAX, 0x04, true},
+                                   {HTTP2_FRAME_TYPE_MAX, 0x08, true},
+                                   {HTTP2_FRAME_TYPE_MAX, 0x10, true},
+                                   {HTTP2_FRAME_TYPE_MAX, 0x20, true},
+                                   {HTTP2_FRAME_TYPE_MAX, 0x40, true},
+                                   {HTTP2_FRAME_TYPE_MAX, 0x80, true}};
 
 REGRESSION_TEST(HTTP2_FRAME_FLAGS)(RegressionTest *t, int, int *pstatus)
 {

Reply via email to