forked/h2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add some missing bounds checks. (#260)

Browse Source
This commit is contained in:
Geoffry Song
2018-04-23 14:38:42 -07:00
committed by Carl Lerche
parent 040f391479
commit 11f914150e
4 changed files with 33 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/frame/headers.rs
View File

@@ -153,7 +153,9 @@ impl Headers {
// Read the padding length
if flags.is_padded() {
// TODO: Ensure payload is sized correctly
if src.len() < 1 {
return Err(Error::MalformedMessage);
}
pad = src[0] as usize;
// Drop the padding
@@ -162,6 +164,9 @@ impl Headers {
// Read the stream dependency
let stream_dep = if flags.is_priority() {
if src.len() < 5 {
return Err(Error::MalformedMessage);
}
let stream_dep = StreamDependency::load(&src[..5])?;
if stream_dep.dependency_id() == head.stream_id() {
@@ -290,6 +295,10 @@ impl PushPromise {
// Read the padding length
if flags.is_padded() {
if src.len() < 1 {
return Err(Error::MalformedMessage);
}
// TODO: Ensure payload is sized correctly
pad = src[0] as usize;
@@ -297,6 +306,10 @@ impl PushPromise {
let _ = src.split_to(1);
}
if src.len() < 5 {
return Err(Error::MalformedMessage);
}
let (promised_id, _) = StreamId::parse(&src[..4]);
// Drop promised_id bytes
let _ = src.split_to(5);