diff options
author | Anna Henningsen <anna@addaleax.net> | 2019-08-10 01:30:35 +0200 |
---|---|---|
committer | Michaël Zasso <targos@protonmail.com> | 2019-08-15 09:50:26 +0200 |
commit | 599eee0990c98ef0e6cc32f1c9dbf2f35b63a923 (patch) | |
tree | 8e3d2f244b328be9e4abd28db8e63512612585df /src/node_http2.h | |
parent | c44ee7a14a400c8bdc80b31848234f5f55351690 (diff) | |
download | android-node-v8-599eee0990c98ef0e6cc32f1c9dbf2f35b63a923.tar.gz android-node-v8-599eee0990c98ef0e6cc32f1c9dbf2f35b63a923.tar.bz2 android-node-v8-599eee0990c98ef0e6cc32f1c9dbf2f35b63a923.zip |
http2: do not create ArrayBuffers when no DATA received
Lazily allocate `ArrayBuffer`s for the contents of DATA frames.
Creating `ArrayBuffer`s is, sadly, not a cheap operation with V8.
This is part of performance improvements to mitigate CVE-2019-9513.
Together with the previous commit, these changes improve throughput
in the adversarial case by about 100 %, and there is little more
that we can do besides artificially limiting the rate of incoming
metadata frames (i.e. after this patch, CPU usage is virtually
exclusively in libnghttp2).
PR-URL: https://github.com/nodejs/node/pull/29122
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Diffstat (limited to 'src/node_http2.h')
-rw-r--r-- | src/node_http2.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/node_http2.h b/src/node_http2.h index 9a156c8bfa..47d25f2b07 100644 --- a/src/node_http2.h +++ b/src/node_http2.h @@ -993,7 +993,8 @@ class Http2Session : public AsyncWrap, public StreamListener { uint32_t chunks_sent_since_last_write_ = 0; uv_buf_t stream_buf_ = uv_buf_init(nullptr, 0); - v8::Local<v8::ArrayBuffer> stream_buf_ab_; + v8::Global<v8::ArrayBuffer> stream_buf_ab_; + AllocatedBuffer stream_buf_allocation_; size_t max_outstanding_pings_ = DEFAULT_MAX_PINGS; std::queue<std::unique_ptr<Http2Ping>> outstanding_pings_; |