comparison src/http/v2/ngx_http_v2.c @ 7378:e7f19d268c72
HTTP/2: limit the number of idle state switches.
An attack that continuously switches HTTP/2 connection between
idle and active states can result in excessive CPU usage.
This is because when a connection switches to the idle state,
all of its memory pool caches are freed.
This change limits the maximum allowed number of idle state
switches to 10 * http2_max_requests (i.e., 10000 by default).
This limits possible CPU usage in one connection, and also
imposes a limit on the maximum lifetime of a connection.
Initially reported by Gal Goldshtein from F5 Networks.
author | Ruslan Ermilov <ru@nginx.com> |
---|---|
date | Tue, 06 Nov 2018 16:29:49 +0300 |
parents | d4448892a294 |
children | 4f4b83f00cf1 |
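--- a/src/http/v2/ngx_http_v2.c
+++ b/src/http/v2/ngx_http_v2.c
@@ -4509,15 +4509,22 @@
 }
 }
 
 #endif
 
+h2scf = ngx_http_get_module_srv_conf(h2c->http_connection->conf_ctx,
+ngx_http_v2_module);
+
+if (h2c->idle++ > 10 * h2scf->max_requests) {
+ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
+"http2 flood detected");
+ngx_http_v2_finalize_connection(h2c, NGX_HTTP_V2_NO_ERROR);
+return;
+}
+
 c->destroyed = 0;
 ngx_reusable_connection(c, 0);
-
-h2scf = ngx_http_get_module_srv_conf(h2c->http_connection->conf_ctx,
-ngx_http_v2_module);
 
 h2c->pool = ngx_create_pool(h2scf->pool_size, h2c->connection->log);
 if (h2c->pool == NULL) {
 ngx_http_v2_finalize_connection(h2c, NGX_HTTP_V2_INTERNAL_ERROR);
 return;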
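Review bot: The new guard `if (h2c->idle++ > 10 * h2scf->max_requests)` admits one transition more than the "10 * http2_max_requests" stated in the commit message, because the pre-increment value is what gets compared: assuming `idle` starts at 0, values 0 through the bound all pass and only the next transition is rejected, so `if (h2c->idle++ >= 10 * h2scf->max_requests)` would match the documented limit exactly. The declaration of `idle` is in the header outside this hunk; if it is a narrow bitfield rather than a full `ngx_uint_t`, the counter could wrap before reaching the bound and the limit would never fire, which is worth confirming. The check carries no comment explaining why it exists or how the bound was chosen; a comment such as `/* each switch to idle frees the pool caches, so bound the number of idle/active transitions per connection (10 * http2_max_requests) to cap the CPU a peer can burn by cycling it */` would preserve the rationale from the commit message in the code. The INFO-level "http2 flood detected" line is the only observable signal that this limit triggered, so anyone building log-based detection will depend on that message staying stable. The enclosing handler starts and ends outside the hunk.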