| author | Damien Neil <dneil@google.com> | 2022-12-06 14:04:32 -0800 |
|---|---|---|
| committer | Damien Neil <dneil@google.com> | 2022-12-07 00:51:44 +0000 |
| commit | 8cd931ff0d4652b333996299d63603c659dbcc6c (patch) | |
| tree | c97872f4cc1e1626e6a062b207da2a5456a5dd8e /src/net/http | |
| parent | 10bb003401060a48d5836c3af483de562f980ac5 (diff) | |
| download | go-8cd931ff0d4652b333996299d63603c659dbcc6c.tar.xz | |
all: update vendored golang.org/x/net
Pull in HTTP/2 security fix:
1e63c2f08a http2: limit canonical header cache by bytes, not entries
Fixes #56350
Change-Id: Ib14024ed894ba266f05d4a6e8c454234a45677d2
Reviewed-on: https://go-review.googlesource.com/c/go/+/455717
Run-TryBot: Damien Neil <dneil@google.com>
Reviewed-by: Jenny Rakoczy <jenny@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Diffstat (limited to 'src/net/http')
| -rw-r--r-- | src/net/http/h2_bundle.go | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/src/net/http/h2_bundle.go b/src/net/http/h2_bundle.go
index e36b31dfc3..1e0b83d493 100644
--- a/src/net/http/h2_bundle.go
+++ b/src/net/http/h2_bundle.go
@@ -4327,6 +4327,7 @@ type http2serverConn struct {
 	maxFrameSize int32
 	peerMaxHeaderListSize uint32 // zero means unknown (default)
 	canonHeader map[string]string // http2-lower-case -> Go-Canonical-Case
+	canonHeaderKeysSize int // canonHeader keys size in bytes
 	writingFrame bool // started writing a frame (on serve goroutine or separate)
 	writingFrameAsync bool // started a frame on its own goroutine but haven't heard back on wroteFrameCh
 	needsFrameFlush bool // last frame write wasn't a flush
@@ -4508,6 +4509,13 @@ func (sc *http2serverConn) condlogf(err error, format string, args ...interface{
 	}
 }
 
+// maxCachedCanonicalHeadersKeysSize is an arbitrarily-chosen limit on the size
+// of the entries in the canonHeader cache.
+// This should be larger than the size of unique, uncommon header keys likely to
+// be sent by the peer, while not so high as to permit unreasonable memory usage
+// if the peer sends an unbounded number of unique header keys.
+const http2maxCachedCanonicalHeadersKeysSize = 2048
+
 func (sc *http2serverConn) canonicalHeader(v string) string {
 	sc.serveG.check()
 	http2buildCommonHeaderMapsOnce()
@@ -4523,14 +4531,10 @@ func (sc *http2serverConn) canonicalHeader(v string) string {
 		sc.canonHeader = make(map[string]string)
 	}
 	cv = CanonicalHeaderKey(v)
-	// maxCachedCanonicalHeaders is an arbitrarily-chosen limit on the number of
-	// entries in the canonHeader cache. This should be larger than the number
-	// of unique, uncommon header keys likely to be sent by the peer, while not
-	// so high as to permit unreasonable memory usage if the peer sends an unbounded
-	// number of unique header keys.
-	const maxCachedCanonicalHeaders = 32
-	if len(sc.canonHeader) < maxCachedCanonicalHeaders {
+	size := 100 + len(v)*2 // 100 bytes of map overhead + key + value
+	if sc.canonHeaderKeysSize+size <= http2maxCachedCanonicalHeadersKeysSize {
 		sc.canonHeader[v] = cv
+		sc.canonHeaderKeysSize += size
 	}
 	return cv
 }
