Commit 0acbe05

addaleax authored and BethGriggs committed
http2: allow security revert for Ping/Settings Flood
nghttp2 has updated its limit for outstanding Ping/Settings ACKs to 1000. This commit allows reverting to the old default of 10000. The associated CVEs are CVE-2019-9512/CVE-2019-9515.

Backport-PR-URL: #29123
PR-URL: #29122
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
1 parent c152449 commit 0acbe05

2 files changed: 4 additions, 0 deletions
src/node_http2.cc (3 additions & 0 deletions)

@@ -152,6 +152,9 @@ Http2Options::Http2Options(Environment* env, nghttp2_session_type type) {
152152
buffer[IDX_OPTIONS_PEER_MAX_CONCURRENT_STREAMS]);
153153
}
154154

155+
if (IsReverted(SECURITY_REVERT_CVE_2019_9512))
156+
nghttp2_option_set_max_outbound_ack(options_, 10000);
157+
155158
// The padding strategy sets the mechanism by which we determine how much
156159
// additional frame padding to apply to DATA and HEADERS frames. Currently
157160
// this is set on a per-session basis, but eventually we may switch to
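Review bot: The added `if (IsReverted(SECURITY_REVERT_CVE_2019_9512))` block only sets `nghttp2_option_set_max_outbound_ack(options_, 10000)` on the revert path; the hardened path sets nothing and silently depends on the linked nghttp2 build carrying the new default of 1000 that the commit message describes. A one-line comment above the block stating that the default comes from nghttp2 and that 10000 is the pre-fix default being restored would make the dependency visible to anyone building against an older or vendored nghttp2, where leaving the option unset would not yield the protective limit.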

src/node_revert.h (1 addition & 0 deletions)

@@ -16,6 +16,7 @@
1616
namespace node {
1717

1818
#define SECURITY_REVERSIONS(XX) \
19+
XX(CVE_2019_9512, "CVE-2019-9512", "HTTP/2 Ping/Settings Flood") \
1920
XX(CVE_2019_9514, "CVE-2019-9514", "HTTP/2 Reset Flood") \
2021
XX(CVE_2019_9516, "CVE-2019-9516", "HTTP/2 0-Length Headers Leak") \
2122
XX(CVE_2019_9518, "CVE-2019-9518", "HTTP/2 Empty DATA Frame Flooding") \
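Review bot: The new `XX(CVE_2019_9512, "CVE-2019-9512", "HTTP/2 Ping/Settings Flood")` entry registers only one revert identifier, while the commit message names two associated CVEs (CVE-2019-9512 and CVE-2019-9515). A revert request naming CVE-2019-9515 will therefore not match any entry in `SECURITY_REVERSIONS`; either register a second entry for CVE-2019-9515 that maps to the same behaviour, or document (here and in the revert option's help text) that the CVE-2019-9512 identifier covers both the Ping and the Settings flood revert. The placement before `CVE_2019_9514` keeps the list in CVE order, which is consistent with the existing entries.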
