folkslinux
/
CBL-Mariner
mirror of https://github.com/microsoft/CBL-Mariner.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
CBL-Mariner/SPECS/moby-buildx/CVE-2021-44716.patch

51 lines
2.2 KiB
Diff
Raw Blame History

Parent: db4efeb8 (http2: deflake TestTransportGroupsPendingDials)
Author: Damien Neil <dneil@google.com>
AuthorDate: 2021-12-06 14:31:43 -0800
Commit: Filippo Valsorda <filippo@golang.org>
CommitDate: 2021-12-09 12:49:13 +0000
http2: cap the size of the server's canonical header cache
The HTTP/2 server keeps a per-connection cache mapping header keys
to their canonicalized form (e.g., "foo-bar" => "Foo-Bar"). Cap the
maximum size of this cache to prevent a peer sending many unique
header keys from causing unbounded memory growth.
Cap chosen arbitrarily at 32 entries. Since this cache does not
include common headers (e.g., "content-type"), 32 seems like more
than enough for almost all normal uses.
Fixes #50058
Fixes CVE-2021-44716
Change-Id: Ia83696dc23253c12af8f26d502557c2cc9841105
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1290827
Reviewed-by: Roland Shoemaker <bracewell@google.com>
Reviewed-on: https://go-review.googlesource.com/c/net/+/369794
Trust: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
Trust: Damien Neil <dneil@google.com>
Reviewed-by: Russ Cox <rsc@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
diff -ru cli-20.10.27-orig/vendor/golang.org/x/net/http2/server.go cli-20.10.27/vendor/golang.org/x/net/http2/server.go
--- cli-20.10.27-orig/vendor/golang.org/x/net/http2/server.go 2024-02-05 08:53:30.802532951 -0800
+++ cli-20.10.27/vendor/golang.org/x/net/http2/server.go 2024-02-05 09:19:08.473430121 -0800
@@ -720,7 +720,15 @@
sc.canonHeader = make(map[string]string)
}
cv = http.CanonicalHeaderKey(v)
- sc.canonHeader[v] = cv
+ // maxCachedCanonicalHeaders is an arbitrarily-chosen limit on the number of
+ // entries in the canonHeader cache. This should be larger than the number
+ // of unique, uncommon header keys likely to be sent by the peer, while not
+ // so high as to permit unreaasonable memory usage if the peer sends an unbounded
+ // number of unique header keys.
+ const maxCachedCanonicalHeaders = 32
+ if len(sc.canonHeader) < maxCachedCanonicalHeaders {
+ sc.canonHeader[v] = cv
+ }
return cv
}
Reference in New Issue View Git Blame Copy Permalink