andreacavalli/netty5
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
a416b79d86
netty5/codec-http2/src/test/java/io/netty/handler/codec/http2/internal/hpack/DecoderTest.java

423 lines
15 KiB
Java
Raw Normal View History

Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
/*
* Copyright 2015 The Netty Project
*
* The Netty Project licenses this file to you under the Apache License,
* version 2.0 (the "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*/
/*
* Copyright 2014 Twitter, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
[#5088] Add annotation which marks packages/interfaces/classes as unstable Motivation: Some codecs should be considered unstable as these are relative new. For this purpose we should introduce an annotation which these codecs should us to be marked as unstable in terms of API. Modifications: - Add UnstableApi annotation and use it on codecs that are not stable - Move http2.hpack to http2.internal.hpack as it is internal. Result: Better document unstable APIs.
2016-04-12 14:22:41 +02:00
package io.netty.handler.codec.http2.internal.hpack;
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
import io.netty.buffer.ByteBuf;
import io.netty.buffer.Unpooled;
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
import io.netty.handler.codec.http2.Http2Exception;
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
import io.netty.handler.codec.http2.Http2Headers;
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
import org.junit.Before;
import org.junit.Test;
HTTP/2 HPACK Integer Encoding Bugs Motivation: - Decoder#decodeULE128 has a bounds bug and cannot decode Integer.MAX_VALUE - Decoder#decodeULE128 doesn't support values greater than can be represented with Java's int data type. This is a problem because there are cases that require at least unsigned 32 bits (max header table size). - Decoder#decodeULE128 treats overflowing the data type and invalid input the same. This can be misleading when inspecting the error that is thrown. - Encoder#encodeInteger doesn't support values greater than can be represented with Java's int data type. This is a problem because there are cases that require at least unsigned 32 bits (max header table size). Modifications: - Correct the above issues and add unit tests. Result: Fixes https://github.com/netty/netty/issues/6210.
2017-01-13 05:44:52 +01:00
import static io.netty.handler.codec.http2.internal.hpack.Decoder.decodeULE128;
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
import static io.netty.util.AsciiString.EMPTY_STRING;
import static io.netty.util.AsciiString.of;
HTTP/2 HPACK Decoder VarInt Improvement Motivation: HTTP/2 Decoder#decodeULE128 current will tolerate more bytes than necessary when attempted to detect overflow. The usage of this method also currently requires an additional overflow conditional. Modifications: - Integrate the first byte into Decoder#decodeULE128 which allows us to detect overflow reliably and avoid overflow checks outside of this method. Result: Less conditionals and earlier overflow detection in Decoder#decodeULE128
2016-08-13 04:27:32 +02:00
import static java.lang.Integer.MAX_VALUE;
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
import static org.junit.Assert.assertEquals;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.reset;
import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.verifyNoMoreInteractions;
public class DecoderTest {
private Decoder decoder;
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
private Http2Headers mockHeaders;
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
private static String hex(String s) {
return Hex.encodeHexString(s.getBytes());
}
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
private void decode(String encoded) throws Http2Exception {
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
byte[] b = Hex.decodeHex(encoded.toCharArray());
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
ByteBuf in = Unpooled.wrappedBuffer(b);
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
try {
HTTP/2 Ensure default settings are correctly enforced and interfaces clarified Motivation: The responsibility for retaining the settings values and enforcing the settings constraints is spread out in different areas of the code and may be initialized with different values than the default specified in the RFC. This should not be allowed by default and interfaces which are responsible for maintaining/enforcing settings state should clearly indicate the restrictions that they should only be set by the codec upon receipt of a SETTINGS ACK frame. Modifications: - Encoder, Decoder, and the Headers Encoder/Decoder no longer expose public constructors that allow the default settings to be changed. - Http2HeadersDecoder#maxHeaderSize() exists to provide some bound when headers/continuation frames are being aggregated. However this is roughly the same as SETTINGS_MAX_HEADER_LIST_SIZE (besides the 32 byte octet for each header field) and can be used instead of attempting to keep the two independent values in sync. - Encoding headers now enforces SETTINGS_MAX_HEADER_LIST_SIZE at the octect level. Previously the header encoder compared the number of header key/value pairs against SETTINGS_MAX_HEADER_LIST_SIZE instead of the number of octets (plus 32 bytes overhead). - DefaultHttp2ConnectionDecoder#onData calls shouldIgnoreHeadersOrDataFrame but may swallow exceptions from this method. This means a STREAM_RST frame may not be sent when it should for an unknown stream and thus violate the RFC. The exception is no longer swallowed. Result: Default settings state is enforced and interfaces related to settings state are clarified.
2016-09-16 15:57:33 +02:00
decoder.decode(0, in, mockHeaders);
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
} finally {
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
in.release();
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
}
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
}
@Before
HTTP/2 Ensure default settings are correctly enforced and interfaces clarified Motivation: The responsibility for retaining the settings values and enforcing the settings constraints is spread out in different areas of the code and may be initialized with different values than the default specified in the RFC. This should not be allowed by default and interfaces which are responsible for maintaining/enforcing settings state should clearly indicate the restrictions that they should only be set by the codec upon receipt of a SETTINGS ACK frame. Modifications: - Encoder, Decoder, and the Headers Encoder/Decoder no longer expose public constructors that allow the default settings to be changed. - Http2HeadersDecoder#maxHeaderSize() exists to provide some bound when headers/continuation frames are being aggregated. However this is roughly the same as SETTINGS_MAX_HEADER_LIST_SIZE (besides the 32 byte octet for each header field) and can be used instead of attempting to keep the two independent values in sync. - Encoding headers now enforces SETTINGS_MAX_HEADER_LIST_SIZE at the octect level. Previously the header encoder compared the number of header key/value pairs against SETTINGS_MAX_HEADER_LIST_SIZE instead of the number of octets (plus 32 bytes overhead). - DefaultHttp2ConnectionDecoder#onData calls shouldIgnoreHeadersOrDataFrame but may swallow exceptions from this method. This means a STREAM_RST frame may not be sent when it should for an unknown stream and thus violate the RFC. The exception is no longer swallowed. Result: Default settings state is enforced and interfaces related to settings state are clarified.
2016-09-16 15:57:33 +02:00
public void setUp() throws Http2Exception {
HTTP/2 Max Header List Size Bug Motivation: If the HPACK Decoder detects that SETTINGS_MAX_HEADER_LIST_SIZE has been violated it aborts immediately and sends a RST_STREAM frame for what ever stream caused the issue. Because HPACK is stateful this means that the HPACK state may become out of sync between peers, and the issue won't be detected until the next headers frame. We should make a best effort to keep processing to keep the HPACK state in sync with our peer, or completely close the connection. If the HPACK Encoder is configured to verify SETTINGS_MAX_HEADER_LIST_SIZE it checks the limit and encodes at the same time. This may result in modifying the HPACK local state but not sending the headers to the peer if SETTINGS_MAX_HEADER_LIST_SIZE is violated. This will also lead to an inconsistency in HPACK state that will be flagged at some later time. Modifications: - HPACK Decoder now has 2 levels of limits related to SETTINGS_MAX_HEADER_LIST_SIZE. The first will attempt to keep processing data and send a RST_STREAM after all data is processed. The second will send a GO_AWAY and close the entire connection. - When the HPACK Encoder enforces SETTINGS_MAX_HEADER_LIST_SIZE it should not modify the HPACK state until the size has been checked. - https://tools.ietf.org/html/rfc7540#section-6.5.2 states that the initial value of SETTINGS_MAX_HEADER_LIST_SIZE is "unlimited". We currently use 8k as a limit. We should honor the specifications default value so we don't unintentionally close a connection before the remote peer is aware of the local settings. - Remove unnecessary object allocation in DefaultHttp2HeadersDecoder and DefaultHttp2HeadersEncoder. Result: Fixes https://github.com/netty/netty/issues/6209.
2017-01-14 02:09:44 +01:00
decoder = new Decoder(8192, 32);
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
mockHeaders = mock(Http2Headers.class);
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
}
HTTP/2 HPACK Integer Encoding Bugs Motivation: - Decoder#decodeULE128 has a bounds bug and cannot decode Integer.MAX_VALUE - Decoder#decodeULE128 doesn't support values greater than can be represented with Java's int data type. This is a problem because there are cases that require at least unsigned 32 bits (max header table size). - Decoder#decodeULE128 treats overflowing the data type and invalid input the same. This can be misleading when inspecting the error that is thrown. - Encoder#encodeInteger doesn't support values greater than can be represented with Java's int data type. This is a problem because there are cases that require at least unsigned 32 bits (max header table size). Modifications: - Correct the above issues and add unit tests. Result: Fixes https://github.com/netty/netty/issues/6210.
2017-01-13 05:44:52 +01:00
@Test
public void testDecodeULE128IntMax() throws Http2Exception {
byte[] input = {(byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0x07};
ByteBuf in = Unpooled.wrappedBuffer(input);
try {
assertEquals(Integer.MAX_VALUE, decodeULE128(in, 0));
} finally {
in.release();
}
}
@Test(expected = Http2Exception.class)
public void testDecodeULE128IntOverflow1() throws Http2Exception {
byte[] input = {(byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0x07};
ByteBuf in = Unpooled.wrappedBuffer(input);
final int readerIndex = in.readerIndex();
try {
decodeULE128(in, 1);
} finally {
assertEquals(readerIndex, in.readerIndex());
in.release();
}
}
@Test(expected = Http2Exception.class)
public void testDecodeULE128IntOverflow2() throws Http2Exception {
byte[] input = {(byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0x08};
ByteBuf in = Unpooled.wrappedBuffer(input);
final int readerIndex = in.readerIndex();
try {
decodeULE128(in, 0);
} finally {
assertEquals(readerIndex, in.readerIndex());
in.release();
}
}
@Test
public void testDecodeULE128LongMax() throws Http2Exception {
byte[] input = {(byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
(byte) 0xFF, (byte) 0x7F};
ByteBuf in = Unpooled.wrappedBuffer(input);
try {
assertEquals(Long.MAX_VALUE, decodeULE128(in, 0L));
} finally {
in.release();
}
}
@Test(expected = Http2Exception.class)
public void testDecodeULE128LongOverflow1() throws Http2Exception {
byte[] input = {(byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
(byte) 0xFF, (byte) 0xFF};
ByteBuf in = Unpooled.wrappedBuffer(input);
final int readerIndex = in.readerIndex();
try {
decodeULE128(in, 0L);
} finally {
assertEquals(readerIndex, in.readerIndex());
in.release();
}
}
@Test(expected = Http2Exception.class)
public void testDecodeULE128LongOverflow2() throws Http2Exception {
byte[] input = {(byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
(byte) 0xFF, (byte) 0x7F};
ByteBuf in = Unpooled.wrappedBuffer(input);
final int readerIndex = in.readerIndex();
try {
decodeULE128(in, 1L);
} finally {
assertEquals(readerIndex, in.readerIndex());
in.release();
}
}
@Test
public void testSetTableSizeWithMaxUnsigned32BitValueSucceeds() throws Http2Exception {
byte[] input = {(byte) 0x3F, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0x0E};
ByteBuf in = Unpooled.wrappedBuffer(input);
try {
final long expectedHeaderSize = 4026531870L; // based on the input above
decoder.setMaxHeaderTableSize(expectedHeaderSize);
decoder.decode(0, in, mockHeaders);
assertEquals(expectedHeaderSize, decoder.getMaxHeaderTableSize());
} finally {
in.release();
}
}
@Test(expected = Http2Exception.class)
public void testSetTableSizeOverLimitFails() throws Http2Exception {
byte[] input = {(byte) 0x3F, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0x0E};
ByteBuf in = Unpooled.wrappedBuffer(input);
try {
decoder.setMaxHeaderTableSize(4026531870L - 1); // based on the input above ... 1 less than is above.
decoder.decode(0, in, mockHeaders);
} finally {
in.release();
}
}
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
@Test
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
public void testLiteralHuffmanEncodedWithEmptyNameAndValue() throws Http2Exception {
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
byte[] input = {0, (byte) 0x80, 0};
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
ByteBuf in = Unpooled.wrappedBuffer(input);
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
try {
HTTP/2 Ensure default settings are correctly enforced and interfaces clarified Motivation: The responsibility for retaining the settings values and enforcing the settings constraints is spread out in different areas of the code and may be initialized with different values than the default specified in the RFC. This should not be allowed by default and interfaces which are responsible for maintaining/enforcing settings state should clearly indicate the restrictions that they should only be set by the codec upon receipt of a SETTINGS ACK frame. Modifications: - Encoder, Decoder, and the Headers Encoder/Decoder no longer expose public constructors that allow the default settings to be changed. - Http2HeadersDecoder#maxHeaderSize() exists to provide some bound when headers/continuation frames are being aggregated. However this is roughly the same as SETTINGS_MAX_HEADER_LIST_SIZE (besides the 32 byte octet for each header field) and can be used instead of attempting to keep the two independent values in sync. - Encoding headers now enforces SETTINGS_MAX_HEADER_LIST_SIZE at the octect level. Previously the header encoder compared the number of header key/value pairs against SETTINGS_MAX_HEADER_LIST_SIZE instead of the number of octets (plus 32 bytes overhead). - DefaultHttp2ConnectionDecoder#onData calls shouldIgnoreHeadersOrDataFrame but may swallow exceptions from this method. This means a STREAM_RST frame may not be sent when it should for an unknown stream and thus violate the RFC. The exception is no longer swallowed. Result: Default settings state is enforced and interfaces related to settings state are clarified.
2016-09-16 15:57:33 +02:00
decoder.decode(0, in, mockHeaders);
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
verify(mockHeaders, times(1)).add(EMPTY_STRING, EMPTY_STRING);
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
} finally {
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
in.release();
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
}
}
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
@Test(expected = Http2Exception.class)
public void testLiteralHuffmanEncodedWithPaddingGreaterThan7Throws() throws Http2Exception {
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
byte[] input = {0, (byte) 0x81, -1};
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
ByteBuf in = Unpooled.wrappedBuffer(input);
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
try {
HTTP/2 Ensure default settings are correctly enforced and interfaces clarified Motivation: The responsibility for retaining the settings values and enforcing the settings constraints is spread out in different areas of the code and may be initialized with different values than the default specified in the RFC. This should not be allowed by default and interfaces which are responsible for maintaining/enforcing settings state should clearly indicate the restrictions that they should only be set by the codec upon receipt of a SETTINGS ACK frame. Modifications: - Encoder, Decoder, and the Headers Encoder/Decoder no longer expose public constructors that allow the default settings to be changed. - Http2HeadersDecoder#maxHeaderSize() exists to provide some bound when headers/continuation frames are being aggregated. However this is roughly the same as SETTINGS_MAX_HEADER_LIST_SIZE (besides the 32 byte octet for each header field) and can be used instead of attempting to keep the two independent values in sync. - Encoding headers now enforces SETTINGS_MAX_HEADER_LIST_SIZE at the octect level. Previously the header encoder compared the number of header key/value pairs against SETTINGS_MAX_HEADER_LIST_SIZE instead of the number of octets (plus 32 bytes overhead). - DefaultHttp2ConnectionDecoder#onData calls shouldIgnoreHeadersOrDataFrame but may swallow exceptions from this method. This means a STREAM_RST frame may not be sent when it should for an unknown stream and thus violate the RFC. The exception is no longer swallowed. Result: Default settings state is enforced and interfaces related to settings state are clarified.
2016-09-16 15:57:33 +02:00
decoder.decode(0, in, mockHeaders);
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
} finally {
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
in.release();
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
}
}
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
@Test(expected = Http2Exception.class)
public void testLiteralHuffmanEncodedWithDecodingEOSThrows() throws Http2Exception {
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
byte[] input = {0, (byte) 0x84, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF};
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
ByteBuf in = Unpooled.wrappedBuffer(input);
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
try {
HTTP/2 Ensure default settings are correctly enforced and interfaces clarified Motivation: The responsibility for retaining the settings values and enforcing the settings constraints is spread out in different areas of the code and may be initialized with different values than the default specified in the RFC. This should not be allowed by default and interfaces which are responsible for maintaining/enforcing settings state should clearly indicate the restrictions that they should only be set by the codec upon receipt of a SETTINGS ACK frame. Modifications: - Encoder, Decoder, and the Headers Encoder/Decoder no longer expose public constructors that allow the default settings to be changed. - Http2HeadersDecoder#maxHeaderSize() exists to provide some bound when headers/continuation frames are being aggregated. However this is roughly the same as SETTINGS_MAX_HEADER_LIST_SIZE (besides the 32 byte octet for each header field) and can be used instead of attempting to keep the two independent values in sync. - Encoding headers now enforces SETTINGS_MAX_HEADER_LIST_SIZE at the octect level. Previously the header encoder compared the number of header key/value pairs against SETTINGS_MAX_HEADER_LIST_SIZE instead of the number of octets (plus 32 bytes overhead). - DefaultHttp2ConnectionDecoder#onData calls shouldIgnoreHeadersOrDataFrame but may swallow exceptions from this method. This means a STREAM_RST frame may not be sent when it should for an unknown stream and thus violate the RFC. The exception is no longer swallowed. Result: Default settings state is enforced and interfaces related to settings state are clarified.
2016-09-16 15:57:33 +02:00
decoder.decode(0, in, mockHeaders);
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
} finally {
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
in.release();
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
}
}
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
@Test(expected = Http2Exception.class)
public void testLiteralHuffmanEncodedWithPaddingNotCorrespondingToMSBThrows() throws Http2Exception {
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
byte[] input = {0, (byte) 0x81, 0};
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
ByteBuf in = Unpooled.wrappedBuffer(input);
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
try {
HTTP/2 Ensure default settings are correctly enforced and interfaces clarified Motivation: The responsibility for retaining the settings values and enforcing the settings constraints is spread out in different areas of the code and may be initialized with different values than the default specified in the RFC. This should not be allowed by default and interfaces which are responsible for maintaining/enforcing settings state should clearly indicate the restrictions that they should only be set by the codec upon receipt of a SETTINGS ACK frame. Modifications: - Encoder, Decoder, and the Headers Encoder/Decoder no longer expose public constructors that allow the default settings to be changed. - Http2HeadersDecoder#maxHeaderSize() exists to provide some bound when headers/continuation frames are being aggregated. However this is roughly the same as SETTINGS_MAX_HEADER_LIST_SIZE (besides the 32 byte octet for each header field) and can be used instead of attempting to keep the two independent values in sync. - Encoding headers now enforces SETTINGS_MAX_HEADER_LIST_SIZE at the octect level. Previously the header encoder compared the number of header key/value pairs against SETTINGS_MAX_HEADER_LIST_SIZE instead of the number of octets (plus 32 bytes overhead). - DefaultHttp2ConnectionDecoder#onData calls shouldIgnoreHeadersOrDataFrame but may swallow exceptions from this method. This means a STREAM_RST frame may not be sent when it should for an unknown stream and thus violate the RFC. The exception is no longer swallowed. Result: Default settings state is enforced and interfaces related to settings state are clarified.
2016-09-16 15:57:33 +02:00
decoder.decode(0, in, mockHeaders);
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
} finally {
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
in.release();
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
}
}
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
@Test(expected = Http2Exception.class)
HTTP/2 HPACK Integer Encoding Bugs Motivation: - Decoder#decodeULE128 has a bounds bug and cannot decode Integer.MAX_VALUE - Decoder#decodeULE128 doesn't support values greater than can be represented with Java's int data type. This is a problem because there are cases that require at least unsigned 32 bits (max header table size). - Decoder#decodeULE128 treats overflowing the data type and invalid input the same. This can be misleading when inspecting the error that is thrown. - Encoder#encodeInteger doesn't support values greater than can be represented with Java's int data type. This is a problem because there are cases that require at least unsigned 32 bits (max header table size). Modifications: - Correct the above issues and add unit tests. Result: Fixes https://github.com/netty/netty/issues/6210.
2017-01-13 05:44:52 +01:00
public void testIncompleteIndex() throws Http2Exception {
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
byte[] compressed = Hex.decodeHex("FFF0".toCharArray());
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
ByteBuf in = Unpooled.wrappedBuffer(compressed);
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
try {
HTTP/2 Ensure default settings are correctly enforced and interfaces clarified Motivation: The responsibility for retaining the settings values and enforcing the settings constraints is spread out in different areas of the code and may be initialized with different values than the default specified in the RFC. This should not be allowed by default and interfaces which are responsible for maintaining/enforcing settings state should clearly indicate the restrictions that they should only be set by the codec upon receipt of a SETTINGS ACK frame. Modifications: - Encoder, Decoder, and the Headers Encoder/Decoder no longer expose public constructors that allow the default settings to be changed. - Http2HeadersDecoder#maxHeaderSize() exists to provide some bound when headers/continuation frames are being aggregated. However this is roughly the same as SETTINGS_MAX_HEADER_LIST_SIZE (besides the 32 byte octet for each header field) and can be used instead of attempting to keep the two independent values in sync. - Encoding headers now enforces SETTINGS_MAX_HEADER_LIST_SIZE at the octect level. Previously the header encoder compared the number of header key/value pairs against SETTINGS_MAX_HEADER_LIST_SIZE instead of the number of octets (plus 32 bytes overhead). - DefaultHttp2ConnectionDecoder#onData calls shouldIgnoreHeadersOrDataFrame but may swallow exceptions from this method. This means a STREAM_RST frame may not be sent when it should for an unknown stream and thus violate the RFC. The exception is no longer swallowed. Result: Default settings state is enforced and interfaces related to settings state are clarified.
2016-09-16 15:57:33 +02:00
decoder.decode(0, in, mockHeaders);
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
assertEquals(1, in.readableBytes());
HTTP/2 Ensure default settings are correctly enforced and interfaces clarified Motivation: The responsibility for retaining the settings values and enforcing the settings constraints is spread out in different areas of the code and may be initialized with different values than the default specified in the RFC. This should not be allowed by default and interfaces which are responsible for maintaining/enforcing settings state should clearly indicate the restrictions that they should only be set by the codec upon receipt of a SETTINGS ACK frame. Modifications: - Encoder, Decoder, and the Headers Encoder/Decoder no longer expose public constructors that allow the default settings to be changed. - Http2HeadersDecoder#maxHeaderSize() exists to provide some bound when headers/continuation frames are being aggregated. However this is roughly the same as SETTINGS_MAX_HEADER_LIST_SIZE (besides the 32 byte octet for each header field) and can be used instead of attempting to keep the two independent values in sync. - Encoding headers now enforces SETTINGS_MAX_HEADER_LIST_SIZE at the octect level. Previously the header encoder compared the number of header key/value pairs against SETTINGS_MAX_HEADER_LIST_SIZE instead of the number of octets (plus 32 bytes overhead). - DefaultHttp2ConnectionDecoder#onData calls shouldIgnoreHeadersOrDataFrame but may swallow exceptions from this method. This means a STREAM_RST frame may not be sent when it should for an unknown stream and thus violate the RFC. The exception is no longer swallowed. Result: Default settings state is enforced and interfaces related to settings state are clarified.
2016-09-16 15:57:33 +02:00
decoder.decode(0, in, mockHeaders);
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
} finally {
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
in.release();
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
}
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
}
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
@Test(expected = Http2Exception.class)
public void testUnusedIndex() throws Http2Exception {
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
// Index 0 is not used
decode("80");
}
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
@Test(expected = Http2Exception.class)
public void testIllegalIndex() throws Http2Exception {
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
// Index larger than the header table
decode("FF00");
}
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
@Test(expected = Http2Exception.class)
public void testInsidiousIndex() throws Http2Exception {
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
// Insidious index so the last shift causes sign overflow
HTTP/2 HPACK Decoder VarInt Improvement Motivation: HTTP/2 Decoder#decodeULE128 current will tolerate more bytes than necessary when attempted to detect overflow. The usage of this method also currently requires an additional overflow conditional. Modifications: - Integrate the first byte into Decoder#decodeULE128 which allows us to detect overflow reliably and avoid overflow checks outside of this method. Result: Less conditionals and earlier overflow detection in Decoder#decodeULE128
2016-08-13 04:27:32 +02:00
decode("FF8080808007");
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
}
@Test
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
public void testDynamicTableSizeUpdate() throws Http2Exception {
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
decode("20");
assertEquals(0, decoder.getMaxHeaderTableSize());
decode("3FE11F");
assertEquals(4096, decoder.getMaxHeaderTableSize());
}
@Test
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
public void testDynamicTableSizeUpdateRequired() throws Http2Exception {
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
decoder.setMaxHeaderTableSize(32);
decode("3F00");
assertEquals(31, decoder.getMaxHeaderTableSize());
}
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
@Test(expected = Http2Exception.class)
public void testIllegalDynamicTableSizeUpdate() throws Http2Exception {
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
// max header table size = MAX_HEADER_TABLE_SIZE + 1
decode("3FE21F");
}
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
@Test(expected = Http2Exception.class)
public void testInsidiousMaxDynamicTableSize() throws Http2Exception {
HTTP/2 HPACK Decoder VarInt Improvement Motivation: HTTP/2 Decoder#decodeULE128 current will tolerate more bytes than necessary when attempted to detect overflow. The usage of this method also currently requires an additional overflow conditional. Modifications: - Integrate the first byte into Decoder#decodeULE128 which allows us to detect overflow reliably and avoid overflow checks outside of this method. Result: Less conditionals and earlier overflow detection in Decoder#decodeULE128
2016-08-13 04:27:32 +02:00
decoder.setMaxHeaderTableSize(MAX_VALUE);
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
// max header table size sign overflow
decode("3FE1FFFFFF07");
}
HTTP/2 HPACK Decoder VarInt Improvement Motivation: HTTP/2 Decoder#decodeULE128 current will tolerate more bytes than necessary when attempted to detect overflow. The usage of this method also currently requires an additional overflow conditional. Modifications: - Integrate the first byte into Decoder#decodeULE128 which allows us to detect overflow reliably and avoid overflow checks outside of this method. Result: Less conditionals and earlier overflow detection in Decoder#decodeULE128
2016-08-13 04:27:32 +02:00
@Test
public void testMaxValidDynamicTableSize() throws Http2Exception {
decoder.setMaxHeaderTableSize(MAX_VALUE);
String baseValue = "3FE1FFFFFF0";
for (int i = 0; i < 7; ++i) {
decode(baseValue + i);
}
}
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
@Test
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
public void testReduceMaxDynamicTableSize() throws Http2Exception {
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
decoder.setMaxHeaderTableSize(0);
assertEquals(0, decoder.getMaxHeaderTableSize());
decode("2081");
}
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
@Test(expected = Http2Exception.class)
public void testTooLargeDynamicTableSizeUpdate() throws Http2Exception {
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
decoder.setMaxHeaderTableSize(0);
assertEquals(0, decoder.getMaxHeaderTableSize());
decode("21"); // encoder max header table size not small enough
}
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
@Test(expected = Http2Exception.class)
public void testMissingDynamicTableSizeUpdate() throws Http2Exception {
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
decoder.setMaxHeaderTableSize(0);
assertEquals(0, decoder.getMaxHeaderTableSize());
decode("81");
}
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
@Test
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
public void testLiteralWithIncrementalIndexingWithEmptyName() throws Http2Exception {
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
decode("400005" + hex("value"));
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
verify(mockHeaders, times(1)).add(EMPTY_STRING, of("value"));
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
}
@Test
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
public void testLiteralWithIncrementalIndexingCompleteEviction() throws Http2Exception {
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
// Verify indexed host header
decode("4004" + hex("name") + "05" + hex("value"));
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
verify(mockHeaders).add(of("name"), of("value"));
verifyNoMoreInteractions(mockHeaders);
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
reset(mockHeaders);
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
StringBuilder sb = new StringBuilder();
for (int i = 0; i < 4096; i++) {
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
sb.append('a');
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
}
String value = sb.toString();
sb = new StringBuilder();
sb.append("417F811F");
for (int i = 0; i < 4096; i++) {
sb.append("61"); // 'a'
}
decode(sb.toString());
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
verify(mockHeaders).add(of(":authority"), of(value));
verifyNoMoreInteractions(mockHeaders);
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
reset(mockHeaders);
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
// Verify next header is inserted at index 62
decode("4004" + hex("name") + "05" + hex("value") + "BE");
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
verify(mockHeaders, times(2)).add(of("name"), of("value"));
verifyNoMoreInteractions(mockHeaders);
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
}
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
@Test(expected = Http2Exception.class)
public void testLiteralWithIncrementalIndexingWithLargeValue() throws Http2Exception {
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
// Ignore header that exceeds max header size
StringBuilder sb = new StringBuilder();
sb.append("4004");
sb.append(hex("name"));
sb.append("7F813F");
for (int i = 0; i < 8192; i++) {
sb.append("61"); // 'a'
}
decode(sb.toString());
}
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
@Test
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
public void testLiteralWithoutIndexingWithEmptyName() throws Http2Exception {
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
decode("000005" + hex("value"));
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
verify(mockHeaders, times(1)).add(EMPTY_STRING, of("value"));
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
}
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
@Test(expected = Http2Exception.class)
public void testLiteralWithoutIndexingWithLargeName() throws Http2Exception {
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
// Ignore header name that exceeds max header size
StringBuilder sb = new StringBuilder();
sb.append("007F817F");
for (int i = 0; i < 16384; i++) {
sb.append("61"); // 'a'
}
sb.append("00");
decode(sb.toString());
}
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
@Test(expected = Http2Exception.class)
public void testLiteralWithoutIndexingWithLargeValue() throws Http2Exception {
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
// Ignore header that exceeds max header size
StringBuilder sb = new StringBuilder();
sb.append("0004");
sb.append(hex("name"));
sb.append("7F813F");
for (int i = 0; i < 8192; i++) {
sb.append("61"); // 'a'
}
decode(sb.toString());
}
HTTP/2 HPACK Header Name Validation and Trailing Padding Motivation: The HPACK code currently disallows empty header names. This is not explicitly forbidden by the HPACK RFC https://tools.ietf.org/html/rfc7541. However the HTTP/1.x RFC https://tools.ietf.org/html/rfc7230#section-3.2 and thus HTTP/2 both disallow empty header names, and so this precondition check should be moved from the HPACK code to the protocol level. HPACK also requires that string literals which are huffman encoded must be treated as an encoding error if the string has more than 7 trailing padding bits https://tools.ietf.org/html/rfc7541#section-5.2, but this is currently not enforced. Result: - HPACK to allow empty header names - HTTP/1.x and HTTP/2 header validation should not allow empty header names - Enforce max of 7 trailing padding bits Result: Code is more compliant with the above mentioned RFCs Fixes https://github.com/netty/netty/issues/5228
2016-05-10 18:09:37 +02:00
@Test
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
public void testLiteralNeverIndexedWithEmptyName() throws Http2Exception {
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
decode("100005" + hex("value"));
Optimize HPACK usage to align more with Netty types and remove heavy object creations. Related to [#3597] Motivations: The HPACK code was not really optimized and written with Netty types in mind. Because of this a lot of garbage was created due heavy object creation. This was first reported in [#3597] and https://github.com/grpc/grpc-java/issues/1872 . Modifications: - Directly use ByteBuf as input and output - Make use of ByteProcessor where possible - Use AsciiString as this is the only thing we need for our http2 usage Result: Less garbage and better usage of Netty apis.
2016-05-30 13:40:08 +02:00
verify(mockHeaders, times(1)).add(EMPTY_STRING, of("value"));
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
}
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
@Test(expected = Http2Exception.class)
public void testLiteralNeverIndexedWithLargeName() throws Http2Exception {
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
// Ignore header name that exceeds max header size
StringBuilder sb = new StringBuilder();
sb.append("107F817F");
for (int i = 0; i < 16384; i++) {
sb.append("61"); // 'a'
}
sb.append("00");
decode(sb.toString());
}
HTTP/2 Simplify Headers Decode Bounds Checking Motivation: The HPACK decoder keeps state so that the decode method can be called multiple times with successive header fragments. This decoder also requires that a method is called to signify the decoding is complete. At this point status is returned to indicate if the max header size has been violated. Netty always accumulates the header fragments into a single buffer before attempting to HPACK decode process and so keeping state and delaying notification that bounds have been exceeded is not necessary. Modifications: - HPACK Decoder#decode(..) now must be called with a complete header block - HPACK will terminate immediately if the maximum header length, or maximum number of headers is exceeded - Reduce member variables in the HPACK Decoder class because they can now live in the decode(..) method Result: HPACK bounds checking is done earlier and less class state is needed.
2016-08-05 09:09:43 +02:00
@Test(expected = Http2Exception.class)
public void testLiteralNeverIndexedWithLargeValue() throws Http2Exception {
Forking Twitter's hpack Motivation: The twitter hpack project does not have the support that it used to have. See discussion here: https://github.com/netty/netty/issues/4403. Modifications: Created a new module in Netty and copied the latest from twitter hpack master. Result: Netty no longer depends on twitter hpack.
2015-11-04 21:46:03 +01:00
// Ignore header that exceeds max header size
StringBuilder sb = new StringBuilder();
sb.append("1004");
sb.append(hex("name"));
sb.append("7F813F");
for (int i = 0; i < 8192; i++) {
sb.append("61"); // 'a'
}
decode(sb.toString());
}
}
Reference in New Issue Copy Permalink