Overview

File nghttp2-CVE-2024-28182-2.patch of Package nghttp2.33194

From 92f06389eb7d38d6e30da6996c3b702b2a006716 Mon Sep 17 00:00:00 2001
From: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
Date: Sat, 9 Mar 2024 16:48:10 +0900
Subject: [PATCH 2/2] Add nghttp2_option_set_max_continuations

---
 doc/Makefile.am                |  1 +
 lib/includes/nghttp2/nghttp2.h | 11 +++++++++++
 lib/nghttp2_option.c           |  5 +++++
 lib/nghttp2_option.h           |  5 +++++
 lib/nghttp2_session.c          |  4 ++++
 5 files changed, 26 insertions(+)

Index: nghttp2-1.40.0/lib/includes/nghttp2/nghttp2.h
===================================================================
--- nghttp2-1.40.0.orig/lib/includes/nghttp2/nghttp2.h
+++ nghttp2-1.40.0/lib/includes/nghttp2/nghttp2.h
@@ -2785,6 +2785,17 @@ nghttp2_option_set_stream_reset_rate_lim
 /**
  * @function
  *
+ * This function sets the maximum number of CONTINUATION frames
+ * following an incoming HEADER frame.  If more than those frames are
+ * received, the remote endpoint is considered to be misbehaving and
+ * session will be closed.  The default value is 8.
+ */
+NGHTTP2_EXTERN void nghttp2_option_set_max_continuations(nghttp2_option *option,
+                                                         size_t val);
+
+/**
+ * @function
+ *
  * Like `nghttp2_session_server_new()`, but with additional options
  * specified in the |option|.
  *
Index: nghttp2-1.40.0/lib/nghttp2_option.c
===================================================================
--- nghttp2-1.40.0.orig/lib/nghttp2_option.c
+++ nghttp2-1.40.0/lib/nghttp2_option.c
@@ -133,3 +133,8 @@ void nghttp2_option_set_stream_reset_rat
   option->stream_reset_burst = burst;
   option->stream_reset_rate = rate;
 }
+
+void nghttp2_option_set_max_continuations(nghttp2_option *option, size_t val) {
+  option->opt_set_mask |= NGHTTP2_OPT_MAX_CONTINUATIONS;
+  option->max_continuations = val;
+}
Index: nghttp2-1.40.0/lib/nghttp2_option.h
===================================================================
--- nghttp2-1.40.0.orig/lib/nghttp2_option.h
+++ nghttp2-1.40.0/lib/nghttp2_option.h
@@ -69,6 +69,7 @@ typedef enum {
   NGHTTP2_OPT_MAX_OUTBOUND_ACK = 1 << 11,
   NGHTTP2_OPT_MAX_SETTINGS = 1 << 12,
   NGHTTP2_OPT_STREAM_RESET_RATE_LIMIT = 1 << 15,
+  NGHTTP2_OPT_MAX_CONTINUATIONS = 1 << 16,
 } nghttp2_option_flag;
 
 /**
@@ -97,6 +98,10 @@ struct nghttp2_option {
    */
   size_t max_settings;
   /**
+   * NGHTTP2_OPT_MAX_CONTINUATIONS
+   */
+  size_t max_continuations;
+  /**
    * Bitwise OR of nghttp2_option_flag to determine that which fields
    * are specified.
    */
Index: nghttp2-1.40.0/lib/nghttp2_session.c
===================================================================
--- nghttp2-1.40.0.orig/lib/nghttp2_session.c
+++ nghttp2-1.40.0/lib/nghttp2_session.c
@@ -539,6 +539,10 @@ static int session_new(nghttp2_session *
                            option->stream_reset_burst,
                            option->stream_reset_rate);
     }
+
+    if (option->opt_set_mask & NGHTTP2_OPT_MAX_CONTINUATIONS) {
+      (*session_ptr)->max_continuations = option->max_continuations;
+    }
   }
 
   rv = nghttp2_hd_deflate_init2(&(*session_ptr)->hd_deflater,
openSUSE Build Service is sponsored by
Places