Merge pull request #1961 from ctiller/moar-defense

Add tests for initial settings frames being bad
author: Nicolas Noble <nicolasnoble@users.noreply.github.com> 2015-06-05 17:19:28 -0700
committer: Nicolas Noble <nicolasnoble@users.noreply.github.com> 2015-06-05 17:19:28 -0700
commit: cce361f7ca984200b32738fda355fede7a2ecd58 (patch)
tree: daf3e8b01b122fc7c7523b120d6e702a08a1c669 /src/core
parent: 4ac6b88a13e1356ad962f867e1a11ecae214560b (diff)
parent: 83b2f2590d09de2eb1bc771b4234b478eaa70907 (diff)
1 files changed, 10 insertions, 1 deletions
diff --git a/src/core/transport/chttp2_transport.c b/src/core/transport/chttp2_transport.c
index 9dc5f23389..630504565b 100644
--- a/src/core/transport/chttp2_transport.c
+++ b/src/core/transport/chttp2_transport.c
@@ -1575,12 +1575,21 @@ static int init_goaway_parser(transport *t) {
 }
 
 static int init_settings_frame_parser(transport *t) {
-  int ok = GRPC_CHTTP2_PARSE_OK ==
+  int ok;
+
+  if (t->incoming_stream_id != 0) {
+    gpr_log(GPR_ERROR, "settings frame received for stream %d", t->incoming_stream_id);
+    drop_connection(t);
+    return 0;
+  }
+
+  ok = GRPC_CHTTP2_PARSE_OK ==
            grpc_chttp2_settings_parser_begin_frame(
                &t->simple_parsers.settings, t->incoming_frame_size,
                t->incoming_frame_flags, t->settings[PEER_SETTINGS]);
   if (!ok) {
     drop_connection(t);
+    return 0;
   }
   if (t->incoming_frame_flags & GRPC_CHTTP2_FLAG_ACK) {
     memcpy(t->settings[ACKED_SETTINGS], t->settings[SENT_SETTINGS],
author	Nicolas Noble <nicolasnoble@users.noreply.github.com>	2015-06-05 17:19:28 -0700
committer	Nicolas Noble <nicolasnoble@users.noreply.github.com>	2015-06-05 17:19:28 -0700
commit	cce361f7ca984200b32738fda355fede7a2ecd58 (patch)
tree	daf3e8b01b122fc7c7523b120d6e702a08a1c669 /src/core
parent	4ac6b88a13e1356ad962f867e1a11ecae214560b (diff)
parent	83b2f2590d09de2eb1bc771b4234b478eaa70907 (diff)