-
Notifications
You must be signed in to change notification settings - Fork 860
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create a dissection mode for the deflate function. #1467
base: master
Are you sure you want to change the base?
Conversation
This is to be used by protocol analysers which wants to show as much as possible of the header even if packets are missing. In this case a dummy header is inserted ":Failed deflate", "Index not seen before".
I do not know why the travis build fails so I have no way of fixing it. |
If I understand it correctly, HPACK requires all data to be fed to produce correct output. If a part of data is missing, its behavior is undefined. In particular, the table index is not absolute and can be reused. We have no way to know how many times it is reused. |
Hi, I think that as Wireshark just want to show as much of the header as possible to the user not realy |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The patch will incorrectly decode the remaining stream in at least the following cases:
- A header field representation where the index occupies more than one byte. E.g. an Indexed Header Field Representation with an index larger than 126.
- Any other header field with an index since the value is ignored.
I'll comment on #1389 with some other potential options.
goto fail; | ||
if ((dissection == 1) && (rv == NGHTTP2_ERR_HEADER_COMP_MAX_LEN_EX)) { | ||
/* We recived an index not seen before, make a dissect header entry */ | ||
rv = 1; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is not correct, if the index is higher than 2^{prefixlen}-2
(126 for Indexed Header Field Representation, prefixlen=7; worst case: 14 for Literal Header Field without Indexing, prefixlen=4), then the length integer will occupy more than one byte.
rv = NGHTTP2_ERR_HEADER_COMP; | ||
goto fail; | ||
} | ||
emit_dummy_header(nv_out, &nv); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is also not correct, it only works for an Indexed Header Field Representation. It does not work when a value follows.
return NGHTTP2_ERR_HEADER_COMP; | ||
DEBUGF("inflatehd: integer %zu exceeded the maximum value %zu\n", out, maxlen); | ||
inflater->left = out; | ||
return NGHTTP2_ERR_HEADER_COMP_MAX_LEN_EX; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe the tests failed because they expected inflater->left
to be 0 (or whatever initial state it was) and a return value of NGTTP2_ERR_HEADER_COMP
?
This is to be used by protocol analysers which wants to show as much as
possible of the header even if packets are missing. In this case a dummy
header is inserted ":Failed deflate", "Index not seen before".
Related #1389