Coverage Report

Created: 2023-03-26 06:11

/src/nghttp2/lib/nghttp2_frame.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * nghttp2 - HTTP/2 C Library
3
 *
4
 * Copyright (c) 2013 Tatsuhiro Tsujikawa
5
 *
6
 * Permission is hereby granted, free of charge, to any person obtaining
7
 * a copy of this software and associated documentation files (the
8
 * "Software"), to deal in the Software without restriction, including
9
 * without limitation the rights to use, copy, modify, merge, publish,
10
 * distribute, sublicense, and/or sell copies of the Software, and to
11
 * permit persons to whom the Software is furnished to do so, subject to
12
 * the following conditions:
13
 *
14
 * The above copyright notice and this permission notice shall be
15
 * included in all copies or substantial portions of the Software.
16
 *
17
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
18
 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
19
 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
20
 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
21
 * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
22
 * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
23
 * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
24
 */
25
#include "nghttp2_frame.h"
26
27
#include <string.h>
28
#include <assert.h>
29
#include <stdio.h>
30
#include <errno.h>
31
32
#include "nghttp2_helper.h"
33
#include "nghttp2_net.h"
34
#include "nghttp2_priority_spec.h"
35
#include "nghttp2_debug.h"
36
37
0
void nghttp2_frame_pack_frame_hd(uint8_t *buf, const nghttp2_frame_hd *hd) {
38
0
  nghttp2_put_uint32be(&buf[0], (uint32_t)(hd->length << 8));
39
0
  buf[3] = hd->type;
40
0
  buf[4] = hd->flags;
41
0
  nghttp2_put_uint32be(&buf[5], (uint32_t)hd->stream_id);
42
  /* ignore hd->reserved for now */
43
0
}
44
45
0
void nghttp2_frame_unpack_frame_hd(nghttp2_frame_hd *hd, const uint8_t *buf) {
46
0
  hd->length = nghttp2_get_uint32(&buf[0]) >> 8;
47
0
  hd->type = buf[3];
48
0
  hd->flags = buf[4];
49
0
  hd->stream_id = nghttp2_get_uint32(&buf[5]) & NGHTTP2_STREAM_ID_MASK;
50
0
  hd->reserved = 0;
51
0
}
52
53
void nghttp2_frame_hd_init(nghttp2_frame_hd *hd, size_t length, uint8_t type,
54
0
                           uint8_t flags, int32_t stream_id) {
55
0
  hd->length = length;
56
0
  hd->type = type;
57
0
  hd->flags = flags;
58
0
  hd->stream_id = stream_id;
59
0
  hd->reserved = 0;
60
0
}
61
62
void nghttp2_frame_headers_init(nghttp2_headers *frame, uint8_t flags,
63
                                int32_t stream_id, nghttp2_headers_category cat,
64
                                const nghttp2_priority_spec *pri_spec,
65
0
                                nghttp2_nv *nva, size_t nvlen) {
66
0
  nghttp2_frame_hd_init(&frame->hd, 0, NGHTTP2_HEADERS, flags, stream_id);
67
0
  frame->padlen = 0;
68
0
  frame->nva = nva;
69
0
  frame->nvlen = nvlen;
70
0
  frame->cat = cat;
71
72
0
  if (pri_spec) {
73
0
    frame->pri_spec = *pri_spec;
74
0
  } else {
75
0
    nghttp2_priority_spec_default_init(&frame->pri_spec);
76
0
  }
77
0
}
78
79
0
void nghttp2_frame_headers_free(nghttp2_headers *frame, nghttp2_mem *mem) {
80
0
  nghttp2_nv_array_del(frame->nva, mem);
81
0
}
82
83
void nghttp2_frame_priority_init(nghttp2_priority *frame, int32_t stream_id,
84
0
                                 const nghttp2_priority_spec *pri_spec) {
85
0
  nghttp2_frame_hd_init(&frame->hd, NGHTTP2_PRIORITY_SPECLEN, NGHTTP2_PRIORITY,
86
0
                        NGHTTP2_FLAG_NONE, stream_id);
87
0
  frame->pri_spec = *pri_spec;
88
0
}
89
90
0
void nghttp2_frame_priority_free(nghttp2_priority *frame) { (void)frame; }
91
92
void nghttp2_frame_rst_stream_init(nghttp2_rst_stream *frame, int32_t stream_id,
93
0
                                   uint32_t error_code) {
94
0
  nghttp2_frame_hd_init(&frame->hd, 4, NGHTTP2_RST_STREAM, NGHTTP2_FLAG_NONE,
95
0
                        stream_id);
96
0
  frame->error_code = error_code;
97
0
}
98
99
0
void nghttp2_frame_rst_stream_free(nghttp2_rst_stream *frame) { (void)frame; }
100
101
void nghttp2_frame_settings_init(nghttp2_settings *frame, uint8_t flags,
102
0
                                 nghttp2_settings_entry *iv, size_t niv) {
103
0
  nghttp2_frame_hd_init(&frame->hd, niv * NGHTTP2_FRAME_SETTINGS_ENTRY_LENGTH,
104
0
                        NGHTTP2_SETTINGS, flags, 0);
105
0
  frame->niv = niv;
106
0
  frame->iv = iv;
107
0
}
108
109
0
void nghttp2_frame_settings_free(nghttp2_settings *frame, nghttp2_mem *mem) {
110
0
  nghttp2_mem_free(mem, frame->iv);
111
0
}
112
113
void nghttp2_frame_push_promise_init(nghttp2_push_promise *frame, uint8_t flags,
114
                                     int32_t stream_id,
115
                                     int32_t promised_stream_id,
116
0
                                     nghttp2_nv *nva, size_t nvlen) {
117
0
  nghttp2_frame_hd_init(&frame->hd, 0, NGHTTP2_PUSH_PROMISE, flags, stream_id);
118
0
  frame->padlen = 0;
119
0
  frame->nva = nva;
120
0
  frame->nvlen = nvlen;
121
0
  frame->promised_stream_id = promised_stream_id;
122
0
  frame->reserved = 0;
123
0
}
124
125
void nghttp2_frame_push_promise_free(nghttp2_push_promise *frame,
126
0
                                     nghttp2_mem *mem) {
127
0
  nghttp2_nv_array_del(frame->nva, mem);
128
0
}
129
130
void nghttp2_frame_ping_init(nghttp2_ping *frame, uint8_t flags,
131
0
                             const uint8_t *opaque_data) {
132
0
  nghttp2_frame_hd_init(&frame->hd, 8, NGHTTP2_PING, flags, 0);
133
0
  if (opaque_data) {
134
0
    memcpy(frame->opaque_data, opaque_data, sizeof(frame->opaque_data));
135
0
  } else {
136
0
    memset(frame->opaque_data, 0, sizeof(frame->opaque_data));
137
0
  }
138
0
}
139
140
0
void nghttp2_frame_ping_free(nghttp2_ping *frame) { (void)frame; }
141
142
void nghttp2_frame_goaway_init(nghttp2_goaway *frame, int32_t last_stream_id,
143
                               uint32_t error_code, uint8_t *opaque_data,
144
0
                               size_t opaque_data_len) {
145
0
  nghttp2_frame_hd_init(&frame->hd, 8 + opaque_data_len, NGHTTP2_GOAWAY,
146
0
                        NGHTTP2_FLAG_NONE, 0);
147
0
  frame->last_stream_id = last_stream_id;
148
0
  frame->error_code = error_code;
149
0
  frame->opaque_data = opaque_data;
150
0
  frame->opaque_data_len = opaque_data_len;
151
0
  frame->reserved = 0;
152
0
}
153
154
0
void nghttp2_frame_goaway_free(nghttp2_goaway *frame, nghttp2_mem *mem) {
155
0
  nghttp2_mem_free(mem, frame->opaque_data);
156
0
}
157
158
void nghttp2_frame_window_update_init(nghttp2_window_update *frame,
159
                                      uint8_t flags, int32_t stream_id,
160
0
                                      int32_t window_size_increment) {
161
0
  nghttp2_frame_hd_init(&frame->hd, 4, NGHTTP2_WINDOW_UPDATE, flags, stream_id);
162
0
  frame->window_size_increment = window_size_increment;
163
0
  frame->reserved = 0;
164
0
}
165
166
0
void nghttp2_frame_window_update_free(nghttp2_window_update *frame) {
167
0
  (void)frame;
168
0
}
169
170
0
size_t nghttp2_frame_trail_padlen(nghttp2_frame *frame, size_t padlen) {
171
  /* We have iframe->padlen == 0, but iframe->frame.hd.flags may have
172
     NGHTTP2_FLAG_PADDED set.  This happens when receiving
173
     CONTINUATION frame, since we don't reset flags after HEADERS was
174
     received. */
175
0
  if (padlen == 0) {
176
0
    return 0;
177
0
  }
178
0
  return padlen - ((frame->hd.flags & NGHTTP2_FLAG_PADDED) > 0);
179
0
}
180
181
void nghttp2_frame_data_init(nghttp2_data *frame, uint8_t flags,
182
0
                             int32_t stream_id) {
183
  /* At this moment, the length of DATA frame is unknown */
184
0
  nghttp2_frame_hd_init(&frame->hd, 0, NGHTTP2_DATA, flags, stream_id);
185
0
  frame->padlen = 0;
186
0
}
187
188
0
void nghttp2_frame_data_free(nghttp2_data *frame) { (void)frame; }
189
190
void nghttp2_frame_extension_init(nghttp2_extension *frame, uint8_t type,
191
                                  uint8_t flags, int32_t stream_id,
192
0
                                  void *payload) {
193
0
  nghttp2_frame_hd_init(&frame->hd, 0, type, flags, stream_id);
194
0
  frame->payload = payload;
195
0
}
196
197
0
void nghttp2_frame_extension_free(nghttp2_extension *frame) { (void)frame; }
198
199
void nghttp2_frame_altsvc_init(nghttp2_extension *frame, int32_t stream_id,
200
                               uint8_t *origin, size_t origin_len,
201
0
                               uint8_t *field_value, size_t field_value_len) {
202
0
  nghttp2_ext_altsvc *altsvc;
203
204
0
  nghttp2_frame_hd_init(&frame->hd, 2 + origin_len + field_value_len,
205
0
                        NGHTTP2_ALTSVC, NGHTTP2_FLAG_NONE, stream_id);
206
207
0
  altsvc = frame->payload;
208
0
  altsvc->origin = origin;
209
0
  altsvc->origin_len = origin_len;
210
0
  altsvc->field_value = field_value;
211
0
  altsvc->field_value_len = field_value_len;
212
0
}
213
214
0
void nghttp2_frame_altsvc_free(nghttp2_extension *frame, nghttp2_mem *mem) {
215
0
  nghttp2_ext_altsvc *altsvc;
216
217
0
  altsvc = frame->payload;
218
0
  if (altsvc == NULL) {
219
0
    return;
220
0
  }
221
  /* We use the same buffer for altsvc->origin and
222
     altsvc->field_value. */
223
0
  nghttp2_mem_free(mem, altsvc->origin);
224
0
}
225
226
void nghttp2_frame_origin_init(nghttp2_extension *frame,
227
0
                               nghttp2_origin_entry *ov, size_t nov) {
228
0
  nghttp2_ext_origin *origin;
229
0
  size_t payloadlen = 0;
230
0
  size_t i;
231
232
0
  for (i = 0; i < nov; ++i) {
233
0
    payloadlen += 2 + ov[i].origin_len;
234
0
  }
235
236
0
  nghttp2_frame_hd_init(&frame->hd, payloadlen, NGHTTP2_ORIGIN,
237
0
                        NGHTTP2_FLAG_NONE, 0);
238
239
0
  origin = frame->payload;
240
0
  origin->ov = ov;
241
0
  origin->nov = nov;
242
0
}
243
244
0
void nghttp2_frame_origin_free(nghttp2_extension *frame, nghttp2_mem *mem) {
245
0
  nghttp2_ext_origin *origin;
246
247
0
  origin = frame->payload;
248
0
  if (origin == NULL) {
249
0
    return;
250
0
  }
251
  /* We use the same buffer for all resources pointed by the field of
252
     origin directly or indirectly. */
253
0
  nghttp2_mem_free(mem, origin->ov);
254
0
}
255
256
0
size_t nghttp2_frame_priority_len(uint8_t flags) {
257
0
  if (flags & NGHTTP2_FLAG_PRIORITY) {
258
0
    return NGHTTP2_PRIORITY_SPECLEN;
259
0
  }
260
261
0
  return 0;
262
0
}
263
264
0
size_t nghttp2_frame_headers_payload_nv_offset(nghttp2_headers *frame) {
265
0
  return nghttp2_frame_priority_len(frame->hd.flags);
266
0
}
267
268
/*
269
 * Call this function after payload was serialized, but not before
270
 * changing buf->pos and serializing frame header.
271
 *
272
 * This function assumes bufs->cur points to the last buf chain of the
273
 * frame(s).
274
 *
275
 * This function serializes frame header for HEADERS/PUSH_PROMISE and
276
 * handles their successive CONTINUATION frames.
277
 *
278
 * We don't process any padding here.
279
 */
280
static int frame_pack_headers_shared(nghttp2_bufs *bufs,
281
0
                                     nghttp2_frame_hd *frame_hd) {
282
0
  nghttp2_buf *buf;
283
0
  nghttp2_buf_chain *ci, *ce;
284
0
  nghttp2_frame_hd hd;
285
286
0
  buf = &bufs->head->buf;
287
288
0
  hd = *frame_hd;
289
0
  hd.length = nghttp2_buf_len(buf);
290
291
0
  DEBUGF("send: HEADERS/PUSH_PROMISE, payloadlen=%zu\n", hd.length);
292
293
  /* We have multiple frame buffers, which means one or more
294
     CONTINUATION frame is involved. Remove END_HEADERS flag from the
295
     first frame. */
296
0
  if (bufs->head != bufs->cur) {
297
0
    hd.flags = (uint8_t)(hd.flags & ~NGHTTP2_FLAG_END_HEADERS);
298
0
  }
299
300
0
  buf->pos -= NGHTTP2_FRAME_HDLEN;
301
0
  nghttp2_frame_pack_frame_hd(buf->pos, &hd);
302
303
0
  if (bufs->head != bufs->cur) {
304
    /* 2nd and later frames are CONTINUATION frames. */
305
0
    hd.type = NGHTTP2_CONTINUATION;
306
    /* We don't have no flags except for last CONTINUATION */
307
0
    hd.flags = NGHTTP2_FLAG_NONE;
308
309
0
    ce = bufs->cur;
310
311
0
    for (ci = bufs->head->next; ci != ce; ci = ci->next) {
312
0
      buf = &ci->buf;
313
314
0
      hd.length = nghttp2_buf_len(buf);
315
316
0
      DEBUGF("send: int CONTINUATION, payloadlen=%zu\n", hd.length);
317
318
0
      buf->pos -= NGHTTP2_FRAME_HDLEN;
319
0
      nghttp2_frame_pack_frame_hd(buf->pos, &hd);
320
0
    }
321
322
0
    buf = &ci->buf;
323
0
    hd.length = nghttp2_buf_len(buf);
324
    /* Set END_HEADERS flag for last CONTINUATION */
325
0
    hd.flags = NGHTTP2_FLAG_END_HEADERS;
326
327
0
    DEBUGF("send: last CONTINUATION, payloadlen=%zu\n", hd.length);
328
329
0
    buf->pos -= NGHTTP2_FRAME_HDLEN;
330
0
    nghttp2_frame_pack_frame_hd(buf->pos, &hd);
331
0
  }
332
333
0
  return 0;
334
0
}
335
336
int nghttp2_frame_pack_headers(nghttp2_bufs *bufs, nghttp2_headers *frame,
337
0
                               nghttp2_hd_deflater *deflater) {
338
0
  size_t nv_offset;
339
0
  int rv;
340
0
  nghttp2_buf *buf;
341
342
0
  assert(bufs->head == bufs->cur);
343
344
0
  nv_offset = nghttp2_frame_headers_payload_nv_offset(frame);
345
346
0
  buf = &bufs->cur->buf;
347
348
0
  buf->pos += nv_offset;
349
0
  buf->last = buf->pos;
350
351
  /* This call will adjust buf->last to the correct position */
352
0
  rv = nghttp2_hd_deflate_hd_bufs(deflater, bufs, frame->nva, frame->nvlen);
353
354
0
  if (rv == NGHTTP2_ERR_BUFFER_ERROR) {
355
0
    rv = NGHTTP2_ERR_HEADER_COMP;
356
0
  }
357
358
0
  buf->pos -= nv_offset;
359
360
0
  if (rv != 0) {
361
0
    return rv;
362
0
  }
363
364
0
  if (frame->hd.flags & NGHTTP2_FLAG_PRIORITY) {
365
0
    nghttp2_frame_pack_priority_spec(buf->pos, &frame->pri_spec);
366
0
  }
367
368
0
  frame->padlen = 0;
369
0
  frame->hd.length = nghttp2_bufs_len(bufs);
370
371
0
  return frame_pack_headers_shared(bufs, &frame->hd);
372
0
}
373
374
void nghttp2_frame_pack_priority_spec(uint8_t *buf,
375
0
                                      const nghttp2_priority_spec *pri_spec) {
376
0
  nghttp2_put_uint32be(buf, (uint32_t)pri_spec->stream_id);
377
0
  if (pri_spec->exclusive) {
378
0
    buf[0] |= 0x80;
379
0
  }
380
0
  buf[4] = (uint8_t)(pri_spec->weight - 1);
381
0
}
382
383
void nghttp2_frame_unpack_priority_spec(nghttp2_priority_spec *pri_spec,
384
0
                                        const uint8_t *payload) {
385
0
  int32_t dep_stream_id;
386
0
  uint8_t exclusive;
387
0
  int32_t weight;
388
389
0
  dep_stream_id = nghttp2_get_uint32(payload) & NGHTTP2_STREAM_ID_MASK;
390
0
  exclusive = (payload[0] & 0x80) > 0;
391
0
  weight = payload[4] + 1;
392
393
0
  nghttp2_priority_spec_init(pri_spec, dep_stream_id, weight, exclusive);
394
0
}
395
396
int nghttp2_frame_unpack_headers_payload(nghttp2_headers *frame,
397
0
                                         const uint8_t *payload) {
398
0
  if (frame->hd.flags & NGHTTP2_FLAG_PRIORITY) {
399
0
    nghttp2_frame_unpack_priority_spec(&frame->pri_spec, payload);
400
0
  } else {
401
0
    nghttp2_priority_spec_default_init(&frame->pri_spec);
402
0
  }
403
404
0
  frame->nva = NULL;
405
0
  frame->nvlen = 0;
406
407
0
  return 0;
408
0
}
409
410
0
int nghttp2_frame_pack_priority(nghttp2_bufs *bufs, nghttp2_priority *frame) {
411
0
  nghttp2_buf *buf;
412
413
0
  assert(bufs->head == bufs->cur);
414
415
0
  buf = &bufs->head->buf;
416
417
0
  assert(nghttp2_buf_avail(buf) >= NGHTTP2_PRIORITY_SPECLEN);
418
419
0
  buf->pos -= NGHTTP2_FRAME_HDLEN;
420
421
0
  nghttp2_frame_pack_frame_hd(buf->pos, &frame->hd);
422
423
0
  nghttp2_frame_pack_priority_spec(buf->last, &frame->pri_spec);
424
425
0
  buf->last += NGHTTP2_PRIORITY_SPECLEN;
426
427
0
  return 0;
428
0
}
429
430
void nghttp2_frame_unpack_priority_payload(nghttp2_priority *frame,
431
0
                                           const uint8_t *payload) {
432
0
  nghttp2_frame_unpack_priority_spec(&frame->pri_spec, payload);
433
0
}
434
435
int nghttp2_frame_pack_rst_stream(nghttp2_bufs *bufs,
436
0
                                  nghttp2_rst_stream *frame) {
437
0
  nghttp2_buf *buf;
438
439
0
  assert(bufs->head == bufs->cur);
440
441
0
  buf = &bufs->head->buf;
442
443
0
  assert(nghttp2_buf_avail(buf) >= 4);
444
445
0
  buf->pos -= NGHTTP2_FRAME_HDLEN;
446
447
0
  nghttp2_frame_pack_frame_hd(buf->pos, &frame->hd);
448
449
0
  nghttp2_put_uint32be(buf->last, frame->error_code);
450
0
  buf->last += 4;
451
452
0
  return 0;
453
0
}
454
455
void nghttp2_frame_unpack_rst_stream_payload(nghttp2_rst_stream *frame,
456
0
                                             const uint8_t *payload) {
457
0
  frame->error_code = nghttp2_get_uint32(payload);
458
0
}
459
460
0
int nghttp2_frame_pack_settings(nghttp2_bufs *bufs, nghttp2_settings *frame) {
461
0
  nghttp2_buf *buf;
462
463
0
  assert(bufs->head == bufs->cur);
464
465
0
  buf = &bufs->head->buf;
466
467
0
  if (nghttp2_buf_avail(buf) < frame->hd.length) {
468
0
    return NGHTTP2_ERR_FRAME_SIZE_ERROR;
469
0
  }
470
471
0
  buf->pos -= NGHTTP2_FRAME_HDLEN;
472
473
0
  nghttp2_frame_pack_frame_hd(buf->pos, &frame->hd);
474
475
0
  buf->last +=
476
0
      nghttp2_frame_pack_settings_payload(buf->last, frame->iv, frame->niv);
477
478
0
  return 0;
479
0
}
480
481
size_t nghttp2_frame_pack_settings_payload(uint8_t *buf,
482
                                           const nghttp2_settings_entry *iv,
483
0
                                           size_t niv) {
484
0
  size_t i;
485
0
  for (i = 0; i < niv; ++i, buf += NGHTTP2_FRAME_SETTINGS_ENTRY_LENGTH) {
486
0
    nghttp2_put_uint16be(buf, (uint16_t)iv[i].settings_id);
487
0
    nghttp2_put_uint32be(buf + 2, iv[i].value);
488
0
  }
489
0
  return NGHTTP2_FRAME_SETTINGS_ENTRY_LENGTH * niv;
490
0
}
491
492
void nghttp2_frame_unpack_settings_payload(nghttp2_settings *frame,
493
                                           nghttp2_settings_entry *iv,
494
0
                                           size_t niv) {
495
0
  frame->iv = iv;
496
0
  frame->niv = niv;
497
0
}
498
499
void nghttp2_frame_unpack_settings_entry(nghttp2_settings_entry *iv,
500
0
                                         const uint8_t *payload) {
501
0
  iv->settings_id = nghttp2_get_uint16(&payload[0]);
502
0
  iv->value = nghttp2_get_uint32(&payload[2]);
503
0
}
504
505
int nghttp2_frame_unpack_settings_payload2(nghttp2_settings_entry **iv_ptr,
506
                                           size_t *niv_ptr,
507
                                           const uint8_t *payload,
508
                                           size_t payloadlen,
509
0
                                           nghttp2_mem *mem) {
510
0
  size_t i;
511
512
0
  *niv_ptr = payloadlen / NGHTTP2_FRAME_SETTINGS_ENTRY_LENGTH;
513
514
0
  if (*niv_ptr == 0) {
515
0
    *iv_ptr = NULL;
516
517
0
    return 0;
518
0
  }
519
520
0
  *iv_ptr =
521
0
      nghttp2_mem_malloc(mem, (*niv_ptr) * sizeof(nghttp2_settings_entry));
522
523
0
  if (*iv_ptr == NULL) {
524
0
    return NGHTTP2_ERR_NOMEM;
525
0
  }
526
527
0
  for (i = 0; i < *niv_ptr; ++i) {
528
0
    size_t off = i * NGHTTP2_FRAME_SETTINGS_ENTRY_LENGTH;
529
0
    nghttp2_frame_unpack_settings_entry(&(*iv_ptr)[i], &payload[off]);
530
0
  }
531
532
0
  return 0;
533
0
}
534
535
int nghttp2_frame_pack_push_promise(nghttp2_bufs *bufs,
536
                                    nghttp2_push_promise *frame,
537
0
                                    nghttp2_hd_deflater *deflater) {
538
0
  size_t nv_offset = 4;
539
0
  int rv;
540
0
  nghttp2_buf *buf;
541
542
0
  assert(bufs->head == bufs->cur);
543
544
0
  buf = &bufs->cur->buf;
545
546
0
  buf->pos += nv_offset;
547
0
  buf->last = buf->pos;
548
549
  /* This call will adjust buf->last to the correct position */
550
0
  rv = nghttp2_hd_deflate_hd_bufs(deflater, bufs, frame->nva, frame->nvlen);
551
552
0
  if (rv == NGHTTP2_ERR_BUFFER_ERROR) {
553
0
    rv = NGHTTP2_ERR_HEADER_COMP;
554
0
  }
555
556
0
  buf->pos -= nv_offset;
557
558
0
  if (rv != 0) {
559
0
    return rv;
560
0
  }
561
562
0
  nghttp2_put_uint32be(buf->pos, (uint32_t)frame->promised_stream_id);
563
564
0
  frame->padlen = 0;
565
0
  frame->hd.length = nghttp2_bufs_len(bufs);
566
567
0
  return frame_pack_headers_shared(bufs, &frame->hd);
568
0
}
569
570
int nghttp2_frame_unpack_push_promise_payload(nghttp2_push_promise *frame,
571
0
                                              const uint8_t *payload) {
572
0
  frame->promised_stream_id =
573
0
      nghttp2_get_uint32(payload) & NGHTTP2_STREAM_ID_MASK;
574
0
  frame->nva = NULL;
575
0
  frame->nvlen = 0;
576
0
  return 0;
577
0
}
578
579
0
int nghttp2_frame_pack_ping(nghttp2_bufs *bufs, nghttp2_ping *frame) {
580
0
  nghttp2_buf *buf;
581
582
0
  assert(bufs->head == bufs->cur);
583
584
0
  buf = &bufs->head->buf;
585
586
0
  assert(nghttp2_buf_avail(buf) >= 8);
587
588
0
  buf->pos -= NGHTTP2_FRAME_HDLEN;
589
590
0
  nghttp2_frame_pack_frame_hd(buf->pos, &frame->hd);
591
592
0
  buf->last =
593
0
      nghttp2_cpymem(buf->last, frame->opaque_data, sizeof(frame->opaque_data));
594
595
0
  return 0;
596
0
}
597
598
void nghttp2_frame_unpack_ping_payload(nghttp2_ping *frame,
599
0
                                       const uint8_t *payload) {
600
0
  memcpy(frame->opaque_data, payload, sizeof(frame->opaque_data));
601
0
}
602
603
0
int nghttp2_frame_pack_goaway(nghttp2_bufs *bufs, nghttp2_goaway *frame) {
604
0
  int rv;
605
0
  nghttp2_buf *buf;
606
607
0
  assert(bufs->head == bufs->cur);
608
609
0
  buf = &bufs->head->buf;
610
611
0
  buf->pos -= NGHTTP2_FRAME_HDLEN;
612
613
0
  nghttp2_frame_pack_frame_hd(buf->pos, &frame->hd);
614
615
0
  nghttp2_put_uint32be(buf->last, (uint32_t)frame->last_stream_id);
616
0
  buf->last += 4;
617
618
0
  nghttp2_put_uint32be(buf->last, frame->error_code);
619
0
  buf->last += 4;
620
621
0
  rv = nghttp2_bufs_add(bufs, frame->opaque_data, frame->opaque_data_len);
622
623
0
  if (rv == NGHTTP2_ERR_BUFFER_ERROR) {
624
0
    return NGHTTP2_ERR_FRAME_SIZE_ERROR;
625
0
  }
626
627
0
  if (rv != 0) {
628
0
    return rv;
629
0
  }
630
631
0
  return 0;
632
0
}
633
634
void nghttp2_frame_unpack_goaway_payload(nghttp2_goaway *frame,
635
                                         const uint8_t *payload,
636
                                         uint8_t *var_gift_payload,
637
0
                                         size_t var_gift_payloadlen) {
638
0
  frame->last_stream_id = nghttp2_get_uint32(payload) & NGHTTP2_STREAM_ID_MASK;
639
0
  frame->error_code = nghttp2_get_uint32(payload + 4);
640
641
0
  frame->opaque_data = var_gift_payload;
642
0
  frame->opaque_data_len = var_gift_payloadlen;
643
0
}
644
645
int nghttp2_frame_unpack_goaway_payload2(nghttp2_goaway *frame,
646
                                         const uint8_t *payload,
647
0
                                         size_t payloadlen, nghttp2_mem *mem) {
648
0
  uint8_t *var_gift_payload;
649
0
  size_t var_gift_payloadlen;
650
651
0
  if (payloadlen > 8) {
652
0
    var_gift_payloadlen = payloadlen - 8;
653
0
  } else {
654
0
    var_gift_payloadlen = 0;
655
0
  }
656
657
0
  payloadlen -= var_gift_payloadlen;
658
659
0
  if (!var_gift_payloadlen) {
660
0
    var_gift_payload = NULL;
661
0
  } else {
662
0
    var_gift_payload = nghttp2_mem_malloc(mem, var_gift_payloadlen);
663
664
0
    if (var_gift_payload == NULL) {
665
0
      return NGHTTP2_ERR_NOMEM;
666
0
    }
667
668
0
    memcpy(var_gift_payload, payload + 8, var_gift_payloadlen);
669
0
  }
670
671
0
  nghttp2_frame_unpack_goaway_payload(frame, payload, var_gift_payload,
672
0
                                      var_gift_payloadlen);
673
674
0
  return 0;
675
0
}
676
677
int nghttp2_frame_pack_window_update(nghttp2_bufs *bufs,
678
0
                                     nghttp2_window_update *frame) {
679
0
  nghttp2_buf *buf;
680
681
0
  assert(bufs->head == bufs->cur);
682
683
0
  buf = &bufs->head->buf;
684
685
0
  assert(nghttp2_buf_avail(buf) >= 4);
686
687
0
  buf->pos -= NGHTTP2_FRAME_HDLEN;
688
689
0
  nghttp2_frame_pack_frame_hd(buf->pos, &frame->hd);
690
691
0
  nghttp2_put_uint32be(buf->last, (uint32_t)frame->window_size_increment);
692
0
  buf->last += 4;
693
694
0
  return 0;
695
0
}
696
697
void nghttp2_frame_unpack_window_update_payload(nghttp2_window_update *frame,
698
0
                                                const uint8_t *payload) {
699
0
  frame->window_size_increment =
700
0
      nghttp2_get_uint32(payload) & NGHTTP2_WINDOW_SIZE_INCREMENT_MASK;
701
0
}
702
703
0
int nghttp2_frame_pack_altsvc(nghttp2_bufs *bufs, nghttp2_extension *frame) {
704
0
  int rv;
705
0
  nghttp2_buf *buf;
706
0
  nghttp2_ext_altsvc *altsvc;
707
708
  /* This is required with --disable-assert. */
709
0
  (void)rv;
710
711
0
  altsvc = frame->payload;
712
713
0
  buf = &bufs->head->buf;
714
715
0
  assert(nghttp2_buf_avail(buf) >=
716
0
         2 + altsvc->origin_len + altsvc->field_value_len);
717
718
0
  buf->pos -= NGHTTP2_FRAME_HDLEN;
719
720
0
  nghttp2_frame_pack_frame_hd(buf->pos, &frame->hd);
721
722
0
  nghttp2_put_uint16be(buf->last, (uint16_t)altsvc->origin_len);
723
0
  buf->last += 2;
724
725
0
  rv = nghttp2_bufs_add(bufs, altsvc->origin, altsvc->origin_len);
726
727
0
  assert(rv == 0);
728
729
0
  rv = nghttp2_bufs_add(bufs, altsvc->field_value, altsvc->field_value_len);
730
731
0
  assert(rv == 0);
732
733
0
  return 0;
734
0
}
735
736
void nghttp2_frame_unpack_altsvc_payload(nghttp2_extension *frame,
737
                                         size_t origin_len, uint8_t *payload,
738
0
                                         size_t payloadlen) {
739
0
  nghttp2_ext_altsvc *altsvc;
740
0
  uint8_t *p;
741
742
0
  altsvc = frame->payload;
743
0
  p = payload;
744
745
0
  altsvc->origin = p;
746
747
0
  p += origin_len;
748
749
0
  altsvc->origin_len = origin_len;
750
751
0
  altsvc->field_value = p;
752
0
  altsvc->field_value_len = (size_t)(payload + payloadlen - p);
753
0
}
754
755
int nghttp2_frame_unpack_altsvc_payload2(nghttp2_extension *frame,
756
                                         const uint8_t *payload,
757
0
                                         size_t payloadlen, nghttp2_mem *mem) {
758
0
  uint8_t *buf;
759
0
  size_t origin_len;
760
761
0
  if (payloadlen < 2) {
762
0
    return NGHTTP2_FRAME_SIZE_ERROR;
763
0
  }
764
765
0
  origin_len = nghttp2_get_uint16(payload);
766
767
0
  buf = nghttp2_mem_malloc(mem, payloadlen - 2);
768
0
  if (!buf) {
769
0
    return NGHTTP2_ERR_NOMEM;
770
0
  }
771
772
0
  nghttp2_cpymem(buf, payload + 2, payloadlen - 2);
773
774
0
  nghttp2_frame_unpack_altsvc_payload(frame, origin_len, buf, payloadlen - 2);
775
776
0
  return 0;
777
0
}
778
779
0
int nghttp2_frame_pack_origin(nghttp2_bufs *bufs, nghttp2_extension *frame) {
780
0
  nghttp2_buf *buf;
781
0
  nghttp2_ext_origin *origin;
782
0
  nghttp2_origin_entry *orig;
783
0
  size_t i;
784
785
0
  origin = frame->payload;
786
787
0
  buf = &bufs->head->buf;
788
789
0
  if (nghttp2_buf_avail(buf) < frame->hd.length) {
790
0
    return NGHTTP2_ERR_FRAME_SIZE_ERROR;
791
0
  }
792
793
0
  buf->pos -= NGHTTP2_FRAME_HDLEN;
794
795
0
  nghttp2_frame_pack_frame_hd(buf->pos, &frame->hd);
796
797
0
  for (i = 0; i < origin->nov; ++i) {
798
0
    orig = &origin->ov[i];
799
0
    nghttp2_put_uint16be(buf->last, (uint16_t)orig->origin_len);
800
0
    buf->last += 2;
801
0
    buf->last = nghttp2_cpymem(buf->last, orig->origin, orig->origin_len);
802
0
  }
803
804
0
  assert(nghttp2_buf_len(buf) == NGHTTP2_FRAME_HDLEN + frame->hd.length);
805
806
0
  return 0;
807
0
}
808
809
int nghttp2_frame_unpack_origin_payload(nghttp2_extension *frame,
810
                                        const uint8_t *payload,
811
0
                                        size_t payloadlen, nghttp2_mem *mem) {
812
0
  nghttp2_ext_origin *origin;
813
0
  const uint8_t *p, *end;
814
0
  uint8_t *dst;
815
0
  size_t originlen;
816
0
  nghttp2_origin_entry *ov;
817
0
  size_t nov = 0;
818
0
  size_t len = 0;
819
820
0
  origin = frame->payload;
821
0
  p = payload;
822
0
  end = p + payloadlen;
823
824
0
  for (; p != end;) {
825
0
    if (end - p < 2) {
826
0
      return NGHTTP2_ERR_FRAME_SIZE_ERROR;
827
0
    }
828
0
    originlen = nghttp2_get_uint16(p);
829
0
    p += 2;
830
0
    if (originlen == 0) {
831
0
      continue;
832
0
    }
833
0
    if (originlen > (size_t)(end - p)) {
834
0
      return NGHTTP2_ERR_FRAME_SIZE_ERROR;
835
0
    }
836
0
    p += originlen;
837
    /* 1 for terminal NULL */
838
0
    len += originlen + 1;
839
0
    ++nov;
840
0
  }
841
842
0
  if (nov == 0) {
843
0
    origin->ov = NULL;
844
0
    origin->nov = 0;
845
846
0
    return 0;
847
0
  }
848
849
0
  len += nov * sizeof(nghttp2_origin_entry);
850
851
0
  ov = nghttp2_mem_malloc(mem, len);
852
0
  if (ov == NULL) {
853
0
    return NGHTTP2_ERR_NOMEM;
854
0
  }
855
856
0
  origin->ov = ov;
857
0
  origin->nov = nov;
858
859
0
  dst = (uint8_t *)ov + nov * sizeof(nghttp2_origin_entry);
860
0
  p = payload;
861
862
0
  for (; p != end;) {
863
0
    originlen = nghttp2_get_uint16(p);
864
0
    p += 2;
865
0
    if (originlen == 0) {
866
0
      continue;
867
0
    }
868
0
    ov->origin = dst;
869
0
    ov->origin_len = originlen;
870
0
    dst = nghttp2_cpymem(dst, p, originlen);
871
0
    *dst++ = '\0';
872
0
    p += originlen;
873
0
    ++ov;
874
0
  }
875
876
0
  return 0;
877
0
}
878
879
nghttp2_settings_entry *nghttp2_frame_iv_copy(const nghttp2_settings_entry *iv,
880
0
                                              size_t niv, nghttp2_mem *mem) {
881
0
  nghttp2_settings_entry *iv_copy;
882
0
  size_t len = niv * sizeof(nghttp2_settings_entry);
883
884
0
  if (len == 0) {
885
0
    return NULL;
886
0
  }
887
888
0
  iv_copy = nghttp2_mem_malloc(mem, len);
889
890
0
  if (iv_copy == NULL) {
891
0
    return NULL;
892
0
  }
893
894
0
  memcpy(iv_copy, iv, len);
895
896
0
  return iv_copy;
897
0
}
898
899
0
int nghttp2_nv_equal(const nghttp2_nv *a, const nghttp2_nv *b) {
900
0
  return a->namelen == b->namelen && a->valuelen == b->valuelen &&
901
0
         memcmp(a->name, b->name, a->namelen) == 0 &&
902
0
         memcmp(a->value, b->value, a->valuelen) == 0;
903
0
}
904
905
0
void nghttp2_nv_array_del(nghttp2_nv *nva, nghttp2_mem *mem) {
906
0
  nghttp2_mem_free(mem, nva);
907
0
}
908
909
static int bytes_compar(const uint8_t *a, size_t alen, const uint8_t *b,
910
0
                        size_t blen) {
911
0
  int rv;
912
913
0
  if (alen == blen) {
914
0
    return memcmp(a, b, alen);
915
0
  }
916
917
0
  if (alen < blen) {
918
0
    rv = memcmp(a, b, alen);
919
920
0
    if (rv == 0) {
921
0
      return -1;
922
0
    }
923
924
0
    return rv;
925
0
  }
926
927
0
  rv = memcmp(a, b, blen);
928
929
0
  if (rv == 0) {
930
0
    return 1;
931
0
  }
932
933
0
  return rv;
934
0
}
935
936
0
int nghttp2_nv_compare_name(const nghttp2_nv *lhs, const nghttp2_nv *rhs) {
937
0
  return bytes_compar(lhs->name, lhs->namelen, rhs->name, rhs->namelen);
938
0
}
939
940
0
static int nv_compar(const void *lhs, const void *rhs) {
941
0
  const nghttp2_nv *a = (const nghttp2_nv *)lhs;
942
0
  const nghttp2_nv *b = (const nghttp2_nv *)rhs;
943
0
  int rv;
944
945
0
  rv = bytes_compar(a->name, a->namelen, b->name, b->namelen);
946
947
0
  if (rv == 0) {
948
0
    return bytes_compar(a->value, a->valuelen, b->value, b->valuelen);
949
0
  }
950
951
0
  return rv;
952
0
}
953
954
0
void nghttp2_nv_array_sort(nghttp2_nv *nva, size_t nvlen) {
955
0
  qsort(nva, nvlen, sizeof(nghttp2_nv), nv_compar);
956
0
}
957
958
int nghttp2_nv_array_copy(nghttp2_nv **nva_ptr, const nghttp2_nv *nva,
959
0
                          size_t nvlen, nghttp2_mem *mem) {
960
0
  size_t i;
961
0
  uint8_t *data = NULL;
962
0
  size_t buflen = 0;
963
0
  nghttp2_nv *p;
964
965
0
  if (nvlen == 0) {
966
0
    *nva_ptr = NULL;
967
968
0
    return 0;
969
0
  }
970
971
0
  for (i = 0; i < nvlen; ++i) {
972
    /* + 1 for null-termination */
973
0
    if ((nva[i].flags & NGHTTP2_NV_FLAG_NO_COPY_NAME) == 0) {
974
0
      buflen += nva[i].namelen + 1;
975
0
    }
976
0
    if ((nva[i].flags & NGHTTP2_NV_FLAG_NO_COPY_VALUE) == 0) {
977
0
      buflen += nva[i].valuelen + 1;
978
0
    }
979
0
  }
980
981
0
  buflen += sizeof(nghttp2_nv) * nvlen;
982
983
0
  *nva_ptr = nghttp2_mem_malloc(mem, buflen);
984
985
0
  if (*nva_ptr == NULL) {
986
0
    return NGHTTP2_ERR_NOMEM;
987
0
  }
988
989
0
  p = *nva_ptr;
990
0
  data = (uint8_t *)(*nva_ptr) + sizeof(nghttp2_nv) * nvlen;
991
992
0
  for (i = 0; i < nvlen; ++i) {
993
0
    p->flags = nva[i].flags;
994
995
0
    if (nva[i].flags & NGHTTP2_NV_FLAG_NO_COPY_NAME) {
996
0
      p->name = nva[i].name;
997
0
      p->namelen = nva[i].namelen;
998
0
    } else {
999
0
      if (nva[i].namelen) {
1000
0
        memcpy(data, nva[i].name, nva[i].namelen);
1001
0
      }
1002
0
      p->name = data;
1003
0
      p->namelen = nva[i].namelen;
1004
0
      data[p->namelen] = '\0';
1005
0
      nghttp2_downcase(p->name, p->namelen);
1006
0
      data += nva[i].namelen + 1;
1007
0
    }
1008
1009
0
    if (nva[i].flags & NGHTTP2_NV_FLAG_NO_COPY_VALUE) {
1010
0
      p->value = nva[i].value;
1011
0
      p->valuelen = nva[i].valuelen;
1012
0
    } else {
1013
0
      if (nva[i].valuelen) {
1014
0
        memcpy(data, nva[i].value, nva[i].valuelen);
1015
0
      }
1016
0
      p->value = data;
1017
0
      p->valuelen = nva[i].valuelen;
1018
0
      data[p->valuelen] = '\0';
1019
0
      data += nva[i].valuelen + 1;
1020
0
    }
1021
1022
0
    ++p;
1023
0
  }
1024
0
  return 0;
1025
0
}
1026
1027
0
int nghttp2_iv_check(const nghttp2_settings_entry *iv, size_t niv) {
1028
0
  size_t i;
1029
0
  for (i = 0; i < niv; ++i) {
1030
0
    switch (iv[i].settings_id) {
1031
0
    case NGHTTP2_SETTINGS_HEADER_TABLE_SIZE:
1032
0
      break;
1033
0
    case NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS:
1034
0
      break;
1035
0
    case NGHTTP2_SETTINGS_ENABLE_PUSH:
1036
0
      if (iv[i].value != 0 && iv[i].value != 1) {
1037
0
        return 0;
1038
0
      }
1039
0
      break;
1040
0
    case NGHTTP2_SETTINGS_INITIAL_WINDOW_SIZE:
1041
0
      if (iv[i].value > (uint32_t)NGHTTP2_MAX_WINDOW_SIZE) {
1042
0
        return 0;
1043
0
      }
1044
0
      break;
1045
0
    case NGHTTP2_SETTINGS_MAX_FRAME_SIZE:
1046
0
      if (iv[i].value < NGHTTP2_MAX_FRAME_SIZE_MIN ||
1047
0
          iv[i].value > NGHTTP2_MAX_FRAME_SIZE_MAX) {
1048
0
        return 0;
1049
0
      }
1050
0
      break;
1051
0
    case NGHTTP2_SETTINGS_MAX_HEADER_LIST_SIZE:
1052
0
      break;
1053
0
    case NGHTTP2_SETTINGS_ENABLE_CONNECT_PROTOCOL:
1054
0
      if (iv[i].value != 0 && iv[i].value != 1) {
1055
0
        return 0;
1056
0
      }
1057
0
      break;
1058
0
    }
1059
0
  }
1060
0
  return 1;
1061
0
}
1062
1063
0
static void frame_set_pad(nghttp2_buf *buf, size_t padlen, int framehd_only) {
1064
0
  size_t trail_padlen;
1065
0
  size_t newlen;
1066
1067
0
  DEBUGF("send: padlen=%zu, shift left 1 bytes\n", padlen);
1068
1069
0
  memmove(buf->pos - 1, buf->pos, NGHTTP2_FRAME_HDLEN);
1070
1071
0
  --buf->pos;
1072
1073
0
  buf->pos[4] |= NGHTTP2_FLAG_PADDED;
1074
1075
0
  newlen = (nghttp2_get_uint32(buf->pos) >> 8) + padlen;
1076
0
  nghttp2_put_uint32be(buf->pos, (uint32_t)((newlen << 8) + buf->pos[3]));
1077
1078
0
  if (framehd_only) {
1079
0
    return;
1080
0
  }
1081
1082
0
  trail_padlen = padlen - 1;
1083
0
  buf->pos[NGHTTP2_FRAME_HDLEN] = (uint8_t)trail_padlen;
1084
1085
  /* zero out padding */
1086
0
  memset(buf->last, 0, trail_padlen);
1087
  /* extend buffers trail_padlen bytes, since we ate previous padlen -
1088
     trail_padlen byte(s) */
1089
0
  buf->last += trail_padlen;
1090
0
}
1091
1092
int nghttp2_frame_add_pad(nghttp2_bufs *bufs, nghttp2_frame_hd *hd,
1093
0
                          size_t padlen, int framehd_only) {
1094
0
  nghttp2_buf *buf;
1095
1096
0
  if (padlen == 0) {
1097
0
    DEBUGF("send: padlen = 0, nothing to do\n");
1098
1099
0
    return 0;
1100
0
  }
1101
1102
  /*
1103
   * We have arranged bufs like this:
1104
   *
1105
   *  0                   1                   2                   3
1106
   *  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1107
   * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
1108
   * | |Frame header     | Frame payload...                          :
1109
   * +-+-----------------+-------------------------------------------+
1110
   * | |Frame header     | Frame payload...                          :
1111
   * +-+-----------------+-------------------------------------------+
1112
   * | |Frame header     | Frame payload...                          :
1113
   * +-+-----------------+-------------------------------------------+
1114
   *
1115
   * We arranged padding so that it is included in the first frame
1116
   * completely.  For padded frame, we are going to adjust buf->pos of
1117
   * frame which includes padding and serialize (memmove) frame header
1118
   * in the correct position.  Also extends buf->last to include
1119
   * padding.
1120
   */
1121
1122
0
  buf = &bufs->head->buf;
1123
1124
0
  assert(nghttp2_buf_avail(buf) >= padlen - 1);
1125
1126
0
  frame_set_pad(buf, padlen, framehd_only);
1127
1128
0
  hd->length += padlen;
1129
0
  hd->flags |= NGHTTP2_FLAG_PADDED;
1130
1131
0
  DEBUGF("send: final payloadlen=%zu, padlen=%zu\n", hd->length, padlen);
1132
1133
0
  return 0;
1134
0
}