Uploaded image for project: 'Undertow'
  1. Undertow
  2. UNDERTOW-2381

Invalid/benevolent hpack decoding of huffman-encoded string literal with EOS symbol

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 2.3.16.Final, 2.2.35.Final
    • None
    • None
    • None
    • Hide
      1. start WildFly, e.g.: ./bin/standalone.sh
      2. get thirdparty h2spec testsuite
      3. execute testsuite with following command:
        $ ./h2spec -h localhost -p 8443 -k -S -t hpack/5
        

        and see following output:

        HPACK: Header Compression for HTTP/2
          5. Primitive Type Representations
            5.2. String Literal Representation
              ✔ 1: Sends a Huffman-encoded string literal representation with padding longer than 7 bits
              ✔ 2: Sends a Huffman-encoded string literal representation padded by zero
              × 3: Sends a Huffman-encoded string literal representation containing the EOS symbol
                -> The endpoint MUST treat this as a decoding error.
                   Expected: GOAWAY Frame (Error Code: COMPRESSION_ERROR)
                             Connection closed
                     Actual: DATA Frame (length:1504, flags:0x01, stream_id:1)
        
        Failures: 
        
        HPACK: Header Compression for HTTP/2
          5. Primitive Type Representations
            5.2. String Literal Representation
              × 3: Sends a Huffman-encoded string literal representation containing the EOS symbol
                -> The endpoint MUST treat this as a decoding error.
                   Expected: GOAWAY Frame (Error Code: COMPRESSION_ERROR)
                             Connection closed
                     Actual: DATA Frame (length:1504, flags:0x01, stream_id:1)
        
        Finished in 2.5380 seconds
        3 tests, 2 passed, 0 skipped, 1 failed
        
      Show
      start WildFly, e.g.: ./bin/standalone.sh get thirdparty h2spec testsuite execute testsuite with following command: $ ./h2spec -h localhost -p 8443 -k -S -t hpack/5 and see following output: HPACK: Header Compression for HTTP/2 5. Primitive Type Representations 5.2. String Literal Representation ✔ 1: Sends a Huffman-encoded string literal representation with padding longer than 7 bits ✔ 2: Sends a Huffman-encoded string literal representation padded by zero × 3: Sends a Huffman-encoded string literal representation containing the EOS symbol -> The endpoint MUST treat this as a decoding error. Expected: GOAWAY Frame (Error Code: COMPRESSION_ERROR) Connection closed Actual: DATA Frame (length:1504, flags:0x01, stream_id:1) Failures: HPACK: Header Compression for HTTP/2 5. Primitive Type Representations 5.2. String Literal Representation × 3: Sends a Huffman-encoded string literal representation containing the EOS symbol -> The endpoint MUST treat this as a decoding error. Expected: GOAWAY Frame (Error Code: COMPRESSION_ERROR) Connection closed Actual: DATA Frame (length:1504, flags:0x01, stream_id:1) Finished in 2.5380 seconds 3 tests, 2 passed, 0 skipped, 1 failed

      I can see failing HTTP/2 test in thirdparty testsuite against WildFly:

      HPACK: Header Compression for HTTP/2
        5. Primitive Type Representations
          5.2. String Literal Representation
            × 3: Sends a Huffman-encoded string literal representation containing the EOS symbol
              -> The endpoint MUST treat this as a decoding error.
                 Expected: GOAWAY Frame (Error Code: COMPRESSION_ERROR)
                           Connection closed
                   Actual: DATA Frame (length:1504, flags:0x01, stream_id:1)
      

      This error started to occur after this fix has been done in the testsuite itself few months ago. There is expected a 'Compression error' to be returned by server followed by connection closure, although WildFly simply responds with a 'Data' packet expecting further communication.

      I've also checked with latest WildFly master branch and Undertow in version of 2.0.26.Final. Still same issue.

      Note that Apache HTTP 2.4.29 passes this particular test successfully.

              mjusko@redhat.com Marek Jusko
              jstourac@redhat.com Jan Stourac
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: