Mercurial > hg > nginx
changeset 7385:1c6b6163c039 stable-1.14
HTTP/2: flood detection.
Fixed uncontrolled memory growth in case peer is flooding us with
some frames (e.g., SETTINGS and PING) and doesn't read data. Fix
is to limit the number of allocated control frames.
author | Ruslan Ermilov <ru@nginx.com> |
---|---|
date | Tue, 06 Nov 2018 16:29:35 +0300 |
parents | fdc19a3289c1 |
children | 9200b41db765 |
files | src/http/v2/ngx_http_v2.c src/http/v2/ngx_http_v2.h |
diffstat | 2 files changed, 12 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/src/http/v2/ngx_http_v2.c Tue Nov 06 16:29:18 2018 +0300 +++ b/src/http/v2/ngx_http_v2.c Tue Nov 06 16:29:35 2018 +0300 @@ -664,6 +664,7 @@ h2c->pool = NULL; h2c->free_frames = NULL; + h2c->frames = 0; h2c->free_fake_connections = NULL; #if (NGX_HTTP_SSL) @@ -2895,7 +2896,7 @@ frame->blocked = 0; - } else { + } else if (h2c->frames < 10000) { pool = h2c->pool ? h2c->pool : h2c->connection->pool; frame = ngx_pcalloc(pool, sizeof(ngx_http_v2_out_frame_t)); @@ -2919,6 +2920,15 @@ frame->last = frame->first; frame->handler = ngx_http_v2_frame_handler; + + h2c->frames++; + + } else { + ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0, + "http2 flood detected"); + + h2c->connection->error = 1; + return NULL; } #if (NGX_DEBUG)