rpms/curl
6
0
Fork 1
Code Issues Pull Requests Releases Activity

http2: set drain on stream end

Browse Source 
This is an attempt to fix the following issue in COPR:
https://pagure.io/fedora-infrastructure/issue/11133
This commit is contained in:
Kamil Dudka 2023-02-17 14:34:10 +01:00
parent bdbf01f50c
commit 13a96c9b8f
2 changed files with 121 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

113
0001-curl-7.88.0-http2-drain.patch Normal file
View File

@ -0,0 +1,113 @@
From d38da6c41c897eff642d9e39a234290dd51a3947 Mon Sep 17 00:00:00 2001
From: Stefan Eissing <stefan@eissing.org>
Date: Wed, 15 Feb 2023 22:11:13 +0100
Subject: [PATCH 1/2] http2: buffer/pausedata and output flush fix.
* do not process pending input data when copying pausedata to the
caller
* return CURLE_AGAIN if the output buffer could not be completely
written out.
Ref: #10525
Closes #10529
Upstream-commit: 3103de2053ca8cacf9cdbe78764ba6814481709f
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
lib/http2.c | 15 +++------------
1 file changed, 3 insertions(+), 12 deletions(-)
diff --git a/lib/http2.c b/lib/http2.c
index 46fc746..1ef5d39 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -467,6 +467,7 @@ static CURLcode flush_output(struct Curl_cfilter *cf,
}
if((size_t)written < buflen) {
Curl_dyn_tail(&ctx->outbuf, buflen - (size_t)written);
+ return CURLE_AGAIN;
}
else {
Curl_dyn_reset(&ctx->outbuf);
@@ -1790,6 +1791,7 @@ static ssize_t cf_h2_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
stream->pausedata += nread;
stream->pauselen -= nread;
+ drain_this(cf, data);
if(stream->pauselen == 0) {
DEBUGF(LOG_CF(data, cf, "[h2sid=%u] Unpaused", stream->stream_id));
@@ -1798,18 +1800,6 @@ static ssize_t cf_h2_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
stream->pausedata = NULL;
stream->pauselen = 0;
-
- /* When NGHTTP2_ERR_PAUSE is returned from
- data_source_read_callback, we might not process DATA frame
- fully. Calling nghttp2_session_mem_recv() again will
- continue to process DATA frame, but if there is no incoming
- frames, then we have to call it again with 0-length data.
- Without this, on_stream_close callback will not be called,
- and stream could be hanged. */
- if(h2_process_pending_input(cf, data, err) != 0) {
- nread = -1;
- goto out;
- }
}
DEBUGF(LOG_CF(data, cf, "[h2sid=%u] recv: returns unpaused %zd bytes",
stream->stream_id, nread));
@@ -1933,6 +1923,7 @@ static ssize_t cf_h2_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
drained_transfer(cf, data);
}
+ *err = CURLE_OK;
nread = retlen;
DEBUGF(LOG_CF(data, cf, "[h2sid=%u] cf_h2_recv -> %zd",
stream->stream_id, nread));
--
2.39.1
From 77e5170fe89bce943c52de732071189f463f38a8 Mon Sep 17 00:00:00 2001
From: Harry Sintonen <sintonen@iki.fi>
Date: Thu, 16 Feb 2023 06:26:26 +0200
Subject: [PATCH 2/2] http2: set drain on stream end
Ensure that on_frame_recv() stream end will trigger a read if there is
pending data. Without this it could happen that the pending data is
never consumed.
This combined with https://github.com/curl/curl/pull/10529 should fix
https://github.com/curl/curl/issues/10525
Ref: https://github.com/curl/curl/issues/10525
Closes #10530
Upstream-commit: 87ed650d04dc1a6f7944a5d952f7d5b0934a19ac
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
lib/http2.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/lib/http2.c b/lib/http2.c
index 1ef5d39..bdb5e73 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -868,6 +868,14 @@ static int on_frame_recv(nghttp2_session *session, const nghttp2_frame *frame,
return NGHTTP2_ERR_CALLBACK_FAILURE;
}
}
+ if(frame->hd.flags & NGHTTP2_FLAG_END_STREAM) {
+ /* Stream has ended. If there is pending data, ensure that read
+ will occur to consume it. */
+ if(!data->state.drain && stream->memlen) {
+ drain_this(cf, data_s);
+ Curl_expire(data, 0, EXPIRE_RUN_NOW);
+ }
+ }
break;
case NGHTTP2_HEADERS:
DEBUGF(LOG_CF(data_s, cf, "[h2sid=%u] recv frame HEADERS", stream_id));
--
2.39.1

9
curl.spec
View File

@ -1,7 +1,7 @@
Summary: A utility for getting files from remote servers (FTP, HTTP, and others) Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
Name: curl Name: curl
Version: 7.88.0 Version: 7.88.0
Release: 1%{?dist} Release: 2%{?dist}
License: MIT License: MIT
Source0: https://curl.se/download/%{name}-%{version}.tar.xz Source0: https://curl.se/download/%{name}-%{version}.tar.xz
Source1: https://curl.se/download/%{name}-%{version}.tar.xz.asc Source1: https://curl.se/download/%{name}-%{version}.tar.xz.asc
@ -10,6 +10,9 @@ Source1: https://curl.se/download/%{name}-%{version}.tar.xz.asc
# which points to the GPG key as of April 7th 2016 of https://daniel.haxx.se/mykey.asc # which points to the GPG key as of April 7th 2016 of https://daniel.haxx.se/mykey.asc
Source2: mykey.asc Source2: mykey.asc
# http2: set drain on stream end
Patch1: 0001-curl-7.88.0-http2-drain.patch
# patch making libcurl multilib ready # patch making libcurl multilib ready
Patch101: 0101-curl-7.32.0-multilib.patch Patch101: 0101-curl-7.32.0-multilib.patch
@ -203,6 +206,7 @@ be installed.
%setup -q %setup -q
# upstream patches # upstream patches
%patch1 -p1
# Fedora patches # Fedora patches
%patch101 -p1 %patch101 -p1
@ -438,6 +442,9 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
%{_libdir}/libcurl.so.4.[0-9].[0-9].minimal %{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
%changelog %changelog
* Fri Feb 17 2023 Kamil Dudka <kdudka@redhat.com> - 7.88.0-2
- http2: set drain on stream end
* Wed Feb 15 2023 Kamil Dudka <kdudka@redhat.com> - 7.88.0-1 * Wed Feb 15 2023 Kamil Dudka <kdudka@redhat.com> - 7.88.0-1
- new upstream release, which fixes the following vulnerabilities - new upstream release, which fixes the following vulnerabilities
CVE-2023-23916 - HTTP multi-header compression denial of service CVE-2023-23916 - HTTP multi-header compression denial of service