Loading...

XML

Word

Printable

Type: Bug
Resolution: Duplicate
Priority: Major
Fix Version/s: None
Affects Version/s: 17.0.1.Final
Component/s: Web (Undertow)
Labels:
None

Steps to Reproduce:
Hide

Obtain latest release of h2spec testsuite - either by manual compilation or directly download prepared release.

get and start WildFly

./bin/standalone.sh

execute relevant HPACK tests

./h2spec -k -h 127.0.0.1 -p 8443 -t hpack/5.2

see one failing test
Show
Obtain latest release of h2spec testsuite - either by manual compilation or directly download prepared release . get and start WildFly ./bin/standalone.sh execute relevant HPACK tests ./h2spec -k -h 127.0.0.1 -p 8443 -t hpack/5.2 see one failing test

During the HTTP2 communication where HPACK is utilized, when client sends inappropriate huffman-encoded string containing EOS symbol, server side is supposed to respond with GOAWAY - compression error, although current implementation of Undertow simply continues and sends DATA frame instead. Relevant RFC section.

Note that this issue is probably present for long time in Undertow. Current test started to fail after recent fix in the test itself, see here.

Test output

HPACK: Header Compression for HTTP/2
  5. Primitive Type Representations
    5.2. String Literal Representation
      × 3: Sends a Huffman-encoded string literal representation containing the EOS symbol
        -> The endpoint MUST treat this as a decoding error.
           Expected: GOAWAY Frame (Error Code: COMPRESSION_ERROR)
                     Connection closed
             Actual: DATA Frame (length:1496, flags:0x01, stream_id:1)

is cloned by

UNDERTOW-2381 Invalid/benevolent hpack decoding of huffman-encoded string literal with EOS symbol

Pull Request Sent

Assignee:: Marek Jusko

Reporter:: Jan Stourac

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2019/07/19 10:09 AM

Updated:: 2024/04/24 1:33 PM

Resolved:: 2024/04/24 1:33 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates