HTTP/2: ignore unused PADDED flag on non-padded frames#640
Open
arturobernalg wants to merge 1 commit intoapache:masterfrom
Open
HTTP/2: ignore unused PADDED flag on non-padded frames#640arturobernalg wants to merge 1 commit intoapache:masterfrom
arturobernalg wants to merge 1 commit intoapache:masterfrom
Conversation
Raw frame readers were applying PADDED semantics whenever flag 0x08 was set, even for frame types that do not define padding, which violates RFC 9113. This change gates padding validation to DATA, HEADERS, and PUSH_PROMISE only, and reads the Pad Length as an unsigned octet in the NIO path. RFC says: “Unused flags MUST be ignored on receipt and MUST be left unset (0x00) when sending."
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
RawFrame readers were applying PADDED semantics whenever flag 0x08 was set, regardless of frame type. This violates RFC 9113 flag handling rules and can cause spurious PROTOCOL_ERROR (e.g., on PING frames).
RFC 9113, Section 4.1 states: “Unused flags MUST be ignored on receipt and MUST be left unset (0x00) when sending.