Actions
Bug #3956
closedHTTP2 support variable integer lengths for headers
Affected Versions:
Effort:
Difficulty:
Label:
Description
HTTP2 has a specific encoding for integer, starting with only a subset of bits for the first byte.
see https://tools.ietf.org/html/rfc7541#section-5.1
It was not supported for headers, even if it was supported for dynamic table size update
Files
Updated by Philippe Antoine over 3 years ago
- Status changed from Assigned to In Review
Updated by David Beckett over 3 years ago
I'm getting a invalid frame length with the attached pcap
{"timestamp":"2020-10-01T06:01:31.996386-0400","flow_id":1775817192543658,"pcap_cnt":858,"event_type":"anomaly","src_ip":"172.217.2.118","src_port":443,"dest_ip":"192.168.122.7","dest_port":37594,"proto":"TCP","tx_id":29,"community_id":"1:pO52xCkcc3tKLkWCOP1fHOx4XOw=","anomaly":{"app_proto":"http2","type":"applayer","event":"invalid_frame_length","layer":"proto_parser"}}
{"timestamp":"2020-10-01T06:01:31.996386-0400","flow_id":1775817192543658,"pcap_cnt":858,"event_type":"anomaly","src_ip":"172.217.2.118","src_port":443,"dest_ip":"192.168.122.7","dest_port":37594,"proto":"TCP","tx_id":29,"community_id":"1:pO52xCkcc3tKLkWCOP1fHOx4XOw=","anomaly":{"app_proto":"http2","type":"applayer","event":"invalid_frame_length","layer":"proto_parser"}}
This is with commit 080f6b from PR httpfixv6
Updated by Philippe Antoine over 3 years ago
Thanks again and again :-)
I had skipped a line in the RFC
Updated by David Beckett over 3 years ago
Tested PR5460 with around 50 websites and am getting no anomalies so all bugs on my side are fixed within this PR :)
Updated by Victor Julien over 3 years ago
- Status changed from In Review to Closed
Actions