diff options
author | Anna Henningsen <anna@addaleax.net> | 2019-08-10 23:10:54 +0200 |
---|---|---|
committer | Michaƫl Zasso <targos@protonmail.com> | 2019-08-15 09:51:52 +0200 |
commit | b4cfa521b8b0fbe5ee5815fcac3614cc0960f7d9 (patch) | |
tree | ee010c753c6f748befb870fc6873313a54636f4c /test | |
parent | a54af9e1888c01f9a9553eb0e91664a249cabe96 (diff) | |
download | android-node-v8-b4cfa521b8b0fbe5ee5815fcac3614cc0960f7d9.tar.gz android-node-v8-b4cfa521b8b0fbe5ee5815fcac3614cc0960f7d9.tar.bz2 android-node-v8-b4cfa521b8b0fbe5ee5815fcac3614cc0960f7d9.zip |
http2: handle 0-length headers better
Ignore headers with 0-length names and track memory for headers
the way we track it for other HTTP/2 session memory too.
This is intended to mitigate CVE-2019-9516.
PR-URL: https://github.com/nodejs/node/pull/29122
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Diffstat (limited to 'test')
-rw-r--r-- | test/parallel/test-http2-zero-length-header.js | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/test/parallel/test-http2-zero-length-header.js b/test/parallel/test-http2-zero-length-header.js new file mode 100644 index 0000000000..7b142d75f0 --- /dev/null +++ b/test/parallel/test-http2-zero-length-header.js @@ -0,0 +1,25 @@ +'use strict'; +const common = require('../common'); +if (!common.hasCrypto) + common.skip('missing crypto'); + +const assert = require('assert'); +const http2 = require('http2'); + +const server = http2.createServer(); +server.on('stream', (stream, headers) => { + assert.deepStrictEqual(headers, { + ':scheme': 'http', + ':authority': `localhost:${server.address().port}`, + ':method': 'GET', + ':path': '/', + 'bar': '', + '__proto__': null + }); + stream.session.destroy(); + server.close(); +}); +server.listen(0, common.mustCall(() => { + const client = http2.connect(`http://localhost:${server.address().port}/`); + client.request({ ':path': '/', '': 'foo', 'bar': '' }).end(); +})); |