commit 39e5c9266e387cdb1f79a3ef33762eccd3827b87
Author: Dridi Boukelmoune <dridi.boukelmoune@gmail.com>
Date: Thu Mar 28 16:08:46 2024 +0100
http2_hpack: Enforce http_req_size limit
Refs #3709
Refs #3892
Conflicts:
bin/varnishd/http2/cache_http2_hpack.c
diff --git a/bin/varnishd/http2/cache_http2_hpack.c b/bin/varnishd/http2/cache_http2_hpack.c
index 25fc0be7d..1b476c9aa 100644
--- a/bin/varnishd/http2/cache_http2_hpack.c
+++ b/bin/varnishd/http2/cache_http2_hpack.c
@@ -267,7 +267,8 @@ h2h_decode_init(const struct h2_sess *h2)
d = h2->decode;
INIT_OBJ(d, H2H_DECODE_MAGIC);
VHD_Init(d->vhd);
- d->out_l = WS_ReserveAll(h2->new_req->http->ws);
+ d->out_l = WS_Reserve(h2->new_req->http->ws,
+ cache_param->http_req_size);
/*
* Can't do any work without any buffer
* space. Require non-zero size.
@@ -308,6 +309,10 @@ h2h_decode_fini(const struct h2_sess *h2)
} else
ret = d->error;
d->magic = 0;
+ if (ret == H2SE_REQ_SIZE) {
+ VSLb(h2->new_req->http->vsl, SLT_LostHeader,
+ "Header list too large");
+ }
return (ret);
}
diff --git a/bin/varnishtest/tests/r03709.vtc b/bin/varnishtest/tests/r03709.vtc
index 7439efba3..242afe2f1 100644
--- a/bin/varnishtest/tests/r03709.vtc
+++ b/bin/varnishtest/tests/r03709.vtc
@@ -2,17 +2,40 @@ varnishtest "h2 req limits"
varnish v1 -cliok "param.set feature +http2"
varnish v1 -cliok "param.set http_req_hdr_len 40b"
+varnish v1 -cliok "param.set http_req_size 512b"
varnish v1 -vcl {
backend be none;
} -start
-logexpect l1 -v v1 -g raw -q BogoHeader {
+logexpect l1 -v v1 -g raw -q BogoHeader,LostHeader {
expect 0 1001 BogoHeader "Header too large: :path"
+ expect 0 1002 LostHeader "Header list too large"
} -start
client c1 {
stream next {
- txreq -url ${string,repeat,4,/123456789}
+ txreq -url ${string,repeat,4,/123456789} \
+ -hdr limit http_req_hdr_len
+ rxrst
+ expect rst.err == ENHANCE_YOUR_CALM
+ } -run
+
+ stream next {
+ txreq -url "/http_req_size" \
+ -hdr hdr1 ${string,repeat,3,/123456789} \
+ -hdr hdr2 ${string,repeat,3,/123456789} \
+ -hdr hdr3 ${string,repeat,3,/123456789} \
+ -hdr hdr4 ${string,repeat,3,/123456789} \
+ -hdr hdr5 ${string,repeat,3,/123456789} \
+ -hdr hdr6 ${string,repeat,3,/123456789} \
+ -hdr hdr7 ${string,repeat,3,/123456789} \
+ -hdr hdr8 ${string,repeat,3,/123456789} \
+ -hdr hdr9 ${string,repeat,3,/123456789} \
+ -hdr hdr10 ${string,repeat,3,/123456789} \
+ -hdr hdr11 ${string,repeat,3,/123456789} \
+ -hdr hdr12 ${string,repeat,3,/123456789} \
+ -hdr hdr13 ${string,repeat,3,/123456789} \
+ -hdr hdr14 ${string,repeat,3,/123456789}
rxrst
expect rst.err == ENHANCE_YOUR_CALM
} -run
_______________________________________________
varnish-commit mailing list
varnish-commit@varnish-cache.org
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-commit
Author: Dridi Boukelmoune <dridi.boukelmoune@gmail.com>
Date: Thu Mar 28 16:08:46 2024 +0100
http2_hpack: Enforce http_req_size limit
Refs #3709
Refs #3892
Conflicts:
bin/varnishd/http2/cache_http2_hpack.c
diff --git a/bin/varnishd/http2/cache_http2_hpack.c b/bin/varnishd/http2/cache_http2_hpack.c
index 25fc0be7d..1b476c9aa 100644
--- a/bin/varnishd/http2/cache_http2_hpack.c
+++ b/bin/varnishd/http2/cache_http2_hpack.c
@@ -267,7 +267,8 @@ h2h_decode_init(const struct h2_sess *h2)
d = h2->decode;
INIT_OBJ(d, H2H_DECODE_MAGIC);
VHD_Init(d->vhd);
- d->out_l = WS_ReserveAll(h2->new_req->http->ws);
+ d->out_l = WS_Reserve(h2->new_req->http->ws,
+ cache_param->http_req_size);
/*
* Can't do any work without any buffer
* space. Require non-zero size.
@@ -308,6 +309,10 @@ h2h_decode_fini(const struct h2_sess *h2)
} else
ret = d->error;
d->magic = 0;
+ if (ret == H2SE_REQ_SIZE) {
+ VSLb(h2->new_req->http->vsl, SLT_LostHeader,
+ "Header list too large");
+ }
return (ret);
}
diff --git a/bin/varnishtest/tests/r03709.vtc b/bin/varnishtest/tests/r03709.vtc
index 7439efba3..242afe2f1 100644
--- a/bin/varnishtest/tests/r03709.vtc
+++ b/bin/varnishtest/tests/r03709.vtc
@@ -2,17 +2,40 @@ varnishtest "h2 req limits"
varnish v1 -cliok "param.set feature +http2"
varnish v1 -cliok "param.set http_req_hdr_len 40b"
+varnish v1 -cliok "param.set http_req_size 512b"
varnish v1 -vcl {
backend be none;
} -start
-logexpect l1 -v v1 -g raw -q BogoHeader {
+logexpect l1 -v v1 -g raw -q BogoHeader,LostHeader {
expect 0 1001 BogoHeader "Header too large: :path"
+ expect 0 1002 LostHeader "Header list too large"
} -start
client c1 {
stream next {
- txreq -url ${string,repeat,4,/123456789}
+ txreq -url ${string,repeat,4,/123456789} \
+ -hdr limit http_req_hdr_len
+ rxrst
+ expect rst.err == ENHANCE_YOUR_CALM
+ } -run
+
+ stream next {
+ txreq -url "/http_req_size" \
+ -hdr hdr1 ${string,repeat,3,/123456789} \
+ -hdr hdr2 ${string,repeat,3,/123456789} \
+ -hdr hdr3 ${string,repeat,3,/123456789} \
+ -hdr hdr4 ${string,repeat,3,/123456789} \
+ -hdr hdr5 ${string,repeat,3,/123456789} \
+ -hdr hdr6 ${string,repeat,3,/123456789} \
+ -hdr hdr7 ${string,repeat,3,/123456789} \
+ -hdr hdr8 ${string,repeat,3,/123456789} \
+ -hdr hdr9 ${string,repeat,3,/123456789} \
+ -hdr hdr10 ${string,repeat,3,/123456789} \
+ -hdr hdr11 ${string,repeat,3,/123456789} \
+ -hdr hdr12 ${string,repeat,3,/123456789} \
+ -hdr hdr13 ${string,repeat,3,/123456789} \
+ -hdr hdr14 ${string,repeat,3,/123456789}
rxrst
expect rst.err == ENHANCE_YOUR_CALM
} -run
_______________________________________________
varnish-commit mailing list
varnish-commit@varnish-cache.org
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-commit