Create a dissection mode for the deflate function. #1467
Conversation
This is to be used by protocol analysers which wants to show as much as possible of the header even if packets are missing. In this case a dummy header is inserted ":Failed deflate", "Index not seen before".
|
I do not know why the travis build fails so I have no way of fixing it. |
|
If I understand it correctly, HPACK requires all data to be fed to produce correct output. If a part of data is missing, its behavior is undefined. In particular, the table index is not absolute and can be reused. We have no way to know how many times it is reused. |
|
Hi, I think that as Wireshark just want to show as much of the header as possible to the user not realy |
There was a problem hiding this comment.
The patch will incorrectly decode the remaining stream in at least the following cases:
- A header field representation where the index occupies more than one byte. E.g. an Indexed Header Field Representation with an index larger than 126.
- Any other header field with an index since the value is ignored.
I'll comment on #1389 with some other potential options.
| goto fail; | ||
| if ((dissection == 1) && (rv == NGHTTP2_ERR_HEADER_COMP_MAX_LEN_EX)) { | ||
| /* We recived an index not seen before, make a dissect header entry */ | ||
| rv = 1; |
There was a problem hiding this comment.
This is not correct, if the index is higher than 2^{prefixlen}-2 (126 for Indexed Header Field Representation, prefixlen=7; worst case: 14 for Literal Header Field without Indexing, prefixlen=4), then the length integer will occupy more than one byte.
| rv = NGHTTP2_ERR_HEADER_COMP; | ||
| goto fail; | ||
| } | ||
| emit_dummy_header(nv_out, &nv); |
There was a problem hiding this comment.
This is also not correct, it only works for an Indexed Header Field Representation. It does not work when a value follows.
| return NGHTTP2_ERR_HEADER_COMP; | ||
| DEBUGF("inflatehd: integer %zu exceeded the maximum value %zu\n", out, maxlen); | ||
| inflater->left = out; | ||
| return NGHTTP2_ERR_HEADER_COMP_MAX_LEN_EX; |
There was a problem hiding this comment.
Maybe the tests failed because they expected inflater->left to be 0 (or whatever initial state it was) and a return value of NGTTP2_ERR_HEADER_COMP?
This is to be used by protocol analysers which wants to show as much as
possible of the header even if packets are missing. In this case a dummy
header is inserted ":Failed deflate", "Index not seen before".
Related #1389