Commit 073108c

addaleax authored and BethGriggs committed
http2: allow security revert for Ping/Settings Flood
nghttp2 has updated its limit for outstanding Ping/Settings ACKs to 1000. This commit allows reverting to the old default of 10000. The associated CVEs are CVE-2019-9512/CVE-2019-9515.

Backport-PR-URL: #29124
PR-URL: #29122
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
1 parent 6d687f7 commit 073108c

2 files changed, 4 additions and 0 deletions
src/node_http2.cc

3 additions & 0 deletions
@@ -144,6 +144,9 @@ Http2Options::Http2Options(Environment* env, nghttp2_session_type type) {
144144
buffer[IDX_OPTIONS_PEER_MAX_CONCURRENT_STREAMS]);
145145
}
146146

147+
if (IsReverted(SECURITY_REVERT_CVE_2019_9512))
148+
nghttp2_option_set_max_outbound_ack(options_, 10000);
149+
147150
// The padding strategy sets the mechanism by which we determine how much
148151
// additional frame padding to apply to DATA and HEADERS frames. Currently
149152
// this is set on a per-session basis, but eventually we may switch to
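Review bot: the literal `10000` in `nghttp2_option_set_max_outbound_ack(options_, 10000);` deserves a one-line comment stating that it is the pre-fix nghttp2 default for outstanding Ping/Settings ACKs and that enabling this revert re-exposes the process to the flood described by CVE-2019-9512 and CVE-2019-9515; without that, a future reader is likely to treat the value as a tunable rather than a deliberate security downgrade. The revert is keyed only on `SECURITY_REVERT_CVE_2019_9512`, while the commit message says the change covers both CVEs, so the comment should name both so the coupling is visible at the call site. The brace-less `if` matches the surrounding style, and the new block sits inside the constructor after the peer-max-concurrent-streams option, which is the right place for a session-level option.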
src/node_revert.h

1 addition & 0 deletions
@@ -17,6 +17,7 @@ namespace node {
1717

1818
#define SECURITY_REVERSIONS(XX) \
1919
XX(CVE_2018_12116, "CVE-2018-12116", "HTTP request splitting") \
20+
XX(CVE_2019_9512, "CVE-2019-9512", "HTTP/2 Ping/Settings Flood") \
2021
XX(CVE_2019_9514, "CVE-2019-9514", "HTTP/2 Reset Flood") \
2122
XX(CVE_2019_9516, "CVE-2019-9516", "HTTP/2 0-Length Headers Leak") \
2223
XX(CVE_2019_9518, "CVE-2019-9518", "HTTP/2 Empty DATA Frame Flooding") \
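Review bot: the new entry `XX(CVE_2019_9512, "CVE-2019-9512", "HTTP/2 Ping/Settings Flood")` registers a single identifier for two CVEs, so an operator searching this table for CVE-2019-9515 will not find a revert entry even though the commit message states it is covered; either add "CVE-2019-9515" to the description string or add a second `XX` entry that maps to the same behaviour. Placement between the CVE-2018-12116 and CVE-2019-9514 entries keeps the table in ascending CVE order, which is consistent with the surrounding lines. Neither file in this commit documents the new revert identifier for users, so the documentation that lists available security reverts should be updated alongside this table.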
