Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-12305

HPACK decoding huffman-encoded string with EOS symbol

    XMLWordPrintable

Details

    • Bug
    • Resolution: Duplicate
    • Major
    • None
    • 17.0.1.Final
    • Web (Undertow)
    • None
    • Hide
      1. Obtain latest release of h2spec testsuite - either by manual compilation or directly download prepared release.
      2. get and start WildFly 
        ./bin/standalone.sh
      3. execute relevant HPACK tests 
        ./h2spec -k -h 127.0.0.1 -p 8443 -t hpack/5.2
      4. see one failing test
      Show
      Obtain latest release of h2spec testsuite - either by manual compilation or directly download prepared release . get and start WildFly ./bin/standalone.sh execute relevant HPACK tests ./h2spec -k -h 127.0.0.1 -p 8443 -t hpack/5.2 see one failing test

    Description

      During the HTTP2 communication where HPACK is utilized, when client sends inappropriate huffman-encoded string containing EOS symbol, server side is supposed to respond with GOAWAY - compression error, although current implementation of Undertow simply continues and sends DATA frame instead. Relevant RFC section.

      Note that this issue is probably present for long time in Undertow. Current test started to fail after recent fix in the test itself, see here.

      Test output
      HPACK: Header Compression for HTTP/2
  5. Primitive Type Representations
    5.2. String Literal Representation
      × 3: Sends a Huffman-encoded string literal representation containing the EOS symbol
        -> The endpoint MUST treat this as a decoding error.
           Expected: GOAWAY Frame (Error Code: COMPRESSION_ERROR)
                     Connection closed
             Actual: DATA Frame (length:1496, flags:0x01, stream_id:1)

      Attachments

        Issue Links

          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. UNDERTOW-2381 Invalid/benevolent hpack decoding of huffman-encoded string literal with EOS symbol

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Pull Request Sent

          Activity

            People

              mjusko@redhat.com Marek Jusko
              jstourac@redhat.com Jan Stourac
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: