Fix COMPRESSION_ERROR on valid HPACK input#8817
Conversation
|
@ezelkow1 Can you kick off builds here? |
|
I found that my first commit still had problems: the |
|
Thank you for the fix. I ran test_HPACK with a couple of external test data and I was realized that current HPACK decoder seems to be broken and it's still broken even with your fix. What I did are: It might be an error in the test data, but I think I checked ATS can decode all the encoded data from different implementations when we were actively working on HTTP/2 and HPACK. Let me check the error above first. I haven't looked into your change closely, but I'd suggest to move the test case you added into test_HuffmanCode since it's purely for Huffman decoding. |
|
Seems like the errors I found are due to incompatibility between the test data and test program. We can ignore the errors for now. And good news is that your change passed all the test we can try. I'll look into your change closely later. |
maskit
left a comment
maskit
left a comment
There was a problem hiding this comment.
Actually, it failed on a test in HTTP/2 test suite (h2spec). I thought this test is ran on CI but it didn't catch the error somehow.
I ran h2spec locally and got this error below.
HPACK: Header Compression for HTTP/2
5. Primitive Type Representations
5.2. String Literal Representation
using source address 127.0.0.1:62782
× 3: Sends a Huffman-encoded string literal representation containing the EOS symbol
-> The endpoint MUST treat this as a decoding error.
Expected: GOAWAY Frame (Error Code: COMPRESSION_ERROR)
Connection closed
Actual: DATA Frame (length:219, flags:0x01, stream_id:1)
I get your fix is needed for the byte boundary issue but the error above need to be fixed.
Also, to give a bit of context about byte_boundary_crossed, it was added for another test case in h2spec.
#2172
|
@maskit sorry for the delay: I had to update my machine to get the autest suite to run. I pushed a fix for the failing EOS test. That fix itself made one of the Huffman tests fail, because it was trying to decode an EOS symbol, which is invalid, so I changed it to check for an error. I also moved the tests I added to |
maskit
left a comment
maskit
left a comment
There was a problem hiding this comment.
Thank you for the updates. I confirmed all the tests pass.
* Check for leaf node after resetting byte counter * Improve invalid decoding length * Move error tests to test_Huffmancode * Reject EOS symbol (cherry picked from commit d362729)
|
Cherry-picked to v9.2.x |
* Check for leaf node after resetting byte counter * Improve invalid decoding length * Move error tests to test_Huffmancode * Reject EOS symbol (cherry picked from commit d362729) Co-authored-by: Menno de Gier <mrdegier@gmail.com>
* asf/9.2.x: Updated ChangeLog Restore down nameservers after they come back online (apache#8847) Fix Rocky Linux 8 arm64 GCC Compiler Warnings (apache#8850) Fix `COMPRESSION_ERROR` on valid HPACK input (apache#8817) remap_stats: convert to using TSHttpTxnPristineUrlGet and TSHttpTxnClientReqGet for hostname, remove pre remap continuation (apache#8362) Re-introduce import to get man_pages list available for sphinx. Closes apache#8858 (apache#8859) Add missing configuration files man pages (apache#8861)
5 participants
This fixes a bug that causes a valid http2 header value to be rejected with a
COMPRESSION_ERROR:With the test input I added, a leaf node is found exactly on a byte boundary. Because the leaf node check happens before the shift check,
byte_boundary_crossedis set to 0, but then immediately incremented again. And because finding the next leaf node crosses three byte boundaries, we end up with 4 total and return an error. Reordering the checks fixes the issue.Note: I wasn't able to run the whole test suite so I'm not sure if this breaks anything else.