Mercurial > hg > nginx
comparison src/http/v2/ngx_http_v2_module.c @ 9179:ea1f29c2010c
HTTP/2: fixed buffer management with HTTP/2 auto-detection.
As part of normal HTTP/2 processing, incomplete frames are saved in the
control state using a fixed size memcpy of NGX_HTTP_V2_STATE_BUFFER_SIZE.
For this matter, two state buffers are reserved in the HTTP/2 recv buffer.
As part of HTTP/2 auto-detection on plain TCP connections, initial data
is first read into a buffer specified by the client_header_buffer_size
directive that doesn't have state reservation. Previously, this made it
possible to over-read the buffer as part of saving the state.
The fix is to read the available buffer size rather than a fixed size.
Although memcpy of a fixed size can produce a better optimized code,
handling of incomplete frames isn't a common execution path, so it was
sacrificed for the sake of simplicity of the fix.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Sat, 21 Oct 2023 18:48:24 +0400 |
parents | 262c01782566 |
children |
comparison
equal
deleted
inserted
replaced
9178:b74f891053c7 | 9179:ea1f29c2010c |
---|---|
386 static char * | 386 static char * |
387 ngx_http_v2_recv_buffer_size(ngx_conf_t *cf, void *post, void *data) | 387 ngx_http_v2_recv_buffer_size(ngx_conf_t *cf, void *post, void *data) |
388 { | 388 { |
389 size_t *sp = data; | 389 size_t *sp = data; |
390 | 390 |
391 if (*sp <= 2 * NGX_HTTP_V2_STATE_BUFFER_SIZE) { | 391 if (*sp <= NGX_HTTP_V2_STATE_BUFFER_SIZE) { |
392 return "value is too small"; | 392 return "value is too small"; |
393 } | 393 } |
394 | 394 |
395 return NGX_CONF_OK; | 395 return NGX_CONF_OK; |
396 } | 396 } |