diff options
| author | Laramie Leavitt <laramie.leavitt@gmail.com> | 2020-07-03 13:10:27 -0700 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2020-09-10 17:43:47 +0200 |
| commit | 25a25f45ae55aae510a6de1b5bbcfa7547f5db6c (patch) | |
| tree | 2bf0af515d8df64643795881055db5d3e0fb21cf /README | |
| parent | 4ba275a46a67b22f9d1f2af19f2123f5126d5b4e (diff) | |
| download | curl-25a25f45ae55aae510a6de1b5bbcfa7547f5db6c.tar.gz | |
http: consolidate nghttp2_session_mem_recv() call paths
Previously there were several locations that called
nghttp2_session_mem_recv and handled responses slightly differently.
Those have been converted to call the existing
h2_process_pending_input() function.
Moved the end-of-session check to h2_process_pending_input() since the
only place the end-of-session state can change is after nghttp2
processes additional input frames.
This will likely fix the fuzzing error. While I don't have a root cause
the out-of-bounds read seems like a use after free, so moving the
nghttp2_session_check_request_allowed() call to a location with a
guaranteed nghttp2 session seems reasonable.
Also updated a few nghttp2 callsites to include error messages and added
a few additional error checks.
Closes #5648
Diffstat (limited to 'README')
0 files changed, 0 insertions, 0 deletions