http2: stop reading from socket if writes are in progress

If a write to the underlying socket finishes asynchronously, that means that we cannot write any more data at that point without waiting for it to finish. If this happens, we should also not be producing any more input. This is part of mitigating CVE-2019-9511/CVE-2019-9517. PR-URL: https://github.com/nodejs/node/pull/29122 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
author: Anna Henningsen <anna@addaleax.net> 2019-08-11 01:31:20 +0200
committer: Michaël Zasso <targos@protonmail.com> 2019-08-15 09:51:53 +0200
commit: ba624b6766fffc11fc9a387feee58be2c5e1d8b8 (patch)
tree: 9b0468b252f6b3b5a669cf0e342c24324cb1d902 /src/node_http2.h
parent: 695e38be69a780417eef32db744528c3c78d6b0b (diff)
download: android-node-v8-ba624b6766fffc11fc9a387feee58be2c5e1d8b8.tar.gz
android-node-v8-ba624b6766fffc11fc9a387feee58be2c5e1d8b8.tar.bz2
android-node-v8-ba624b6766fffc11fc9a387feee58be2c5e1d8b8.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/src/node_http2.h b/src/node_http2.h
index e0862614f2..21e05157c1 100644
--- a/src/node_http2.h
+++ b/src/node_http2.h
@@ -335,6 +335,8 @@ enum session_state_flags {
   SESSION_STATE_CLOSED = 0x4,
   SESSION_STATE_CLOSING = 0x8,
   SESSION_STATE_SENDING = 0x10,
+  SESSION_STATE_WRITE_IN_PROGRESS = 0x20,
+  SESSION_STATE_READING_STOPPED = 0x40,
 };
 
 typedef uint32_t(*get_setting)(nghttp2_session* session,
author	Anna Henningsen <anna@addaleax.net>	2019-08-11 01:31:20 +0200
committer	Michaël Zasso <targos@protonmail.com>	2019-08-15 09:51:53 +0200
commit	ba624b6766fffc11fc9a387feee58be2c5e1d8b8 (patch)
tree	9b0468b252f6b3b5a669cf0e342c24324cb1d902 /src/node_http2.h
parent	695e38be69a780417eef32db744528c3c78d6b0b (diff)
download	android-node-v8-ba624b6766fffc11fc9a387feee58be2c5e1d8b8.tar.gz android-node-v8-ba624b6766fffc11fc9a387feee58be2c5e1d8b8.tar.bz2 android-node-v8-ba624b6766fffc11fc9a387feee58be2c5e1d8b8.zip