-
Notifications
You must be signed in to change notification settings - Fork 30.2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
http2: pause input processing if sending output
If we are waiting for the ability to send more output, we should not process more input. This commit a) makes us send output earlier, during processing of input, if we accumulate a lot and b) allows interrupting the call into nghttp2 that processes input data and resuming it at a later time, if we do find ourselves in a position where we are waiting to be able to send more output. This is part of mitigating CVE-2019-9511/CVE-2019-9517. Backport-PR-URL: #29123 PR-URL: #29122 Reviewed-By: Rich Trott <[email protected]> Reviewed-By: James M Snell <[email protected]>
- Loading branch information
1 parent
0ce699c
commit c152449
Showing
3 changed files
with
140 additions
and
44 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
'use strict'; | ||
const common = require('../common'); | ||
if (!common.hasCrypto) | ||
common.skip('missing crypto'); | ||
|
||
const fixtures = require('../common/fixtures'); | ||
const assert = require('assert'); | ||
const http2 = require('http2'); | ||
|
||
const content = fixtures.readSync('person-large.jpg'); | ||
|
||
const server = http2.createServer({ | ||
maxSessionMemory: 1000 | ||
}); | ||
server.on('stream', (stream, headers) => { | ||
stream.respond({ | ||
'content-type': 'image/jpeg', | ||
':status': 200 | ||
}); | ||
stream.end(content); | ||
}); | ||
server.unref(); | ||
|
||
server.listen(0, common.mustCall(() => { | ||
const client = http2.connect(`http://localhost:${server.address().port}/`); | ||
|
||
let finished = 0; | ||
for (let i = 0; i < 100; i++) { | ||
const req = client.request({ ':path': '/' }).end(); | ||
const chunks = []; | ||
req.on('data', (chunk) => { | ||
chunks.push(chunk); | ||
}); | ||
req.on('end', common.mustCall(() => { | ||
assert.deepStrictEqual(Buffer.concat(chunks), content); | ||
if (++finished === 100) client.close(); | ||
})); | ||
} | ||
})); |