http2: allow to configure maximum tolerated invalid frames

PR-URL: https://github.com/nodejs/node/pull/30534
Fixes: https://github.com/nodejs/node/issues/30505
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

1 files changed, 15 insertions, 1 deletions

diff --git a/lib/internal/http2/core.js b/lib/internal/http2/core.js
index 4060aff75e..7eaf1f4e92 100644
--- a/lib/internal/http2/core.js
+++ b/lib/internal/http2/core.js
@@ -90,7 +90,11 @@ const {
   },
   hideStackFrames
 } = require('internal/errors');
-const { validateNumber, validateString } = require('internal/validators');
+const { validateNumber,
+        validateString,
+        validateUint32,
+        isUint32,
+} = require('internal/validators');
 const fsPromisesInternal = require('internal/fs/promises');
 const { utcDate } = require('internal/http');
 const { onServerStream,
@@ -206,6 +210,7 @@ const {
   kBitfield,
   kSessionPriorityListenerCount,
   kSessionFrameErrorListenerCount,
+  kSessionMaxInvalidFrames,
   kSessionUint8FieldCount,
   kSessionHasRemoteSettingsListeners,
   kSessionRemoteSettingsIsUpToDate,
@@ -944,6 +949,12 @@ function setupHandle(socket, type, options) {
     this[kEncrypted] = false;
   }
 
+  if (isUint32(options.maxSessionInvalidFrames)) {
+    const uint32 = new Uint32Array(
+      this[kNativeFields].buffer, kSessionMaxInvalidFrames, 1);
+    uint32[0] = options.maxSessionInvalidFrames;
+  }
+
   const settings = typeof options.settings === 'object' ?
     options.settings : {};
 
@@ -2774,6 +2785,9 @@ function initializeOptions(options) {
   assertIsObject(options.settings, 'options.settings');
   options.settings = { ...options.settings };
 
+  if (options.maxSessionInvalidFrames !== undefined)
+    validateUint32(options.maxSessionInvalidFrames, 'maxSessionInvalidFrames');
+
   // Used only with allowHTTP1
   options.Http1IncomingMessage = options.Http1IncomingMessage ||
     http.IncomingMessage;