#12690 cap MAX_HEADER_LIST_SIZE

lorban · lorban · commit 9a44908bee01 · 2025-01-10T16:31:14.000+01:00
Signed-off-by: Ludovic Orban &lt;lorban@bitronix.be&gt;
diff --git a/jetty-core/jetty-http2/jetty-http2-common/src/main/java/org/eclipse/jetty/http2/HTTP2Session.java b/jetty-core/jetty-http2/jetty-http2-common/src/main/java/org/eclipse/jetty/http2/HTTP2Session.java
@@ -464,9 +464,14 @@ private void configure(Map<Integer, Integer> settings, boolean local)
                     if (LOG.isDebugEnabled())
                         LOG.debug("Updating {} max header list size to {} for {}", local ? "decoder" : "encoder", value, this);
                     if (local)
+                    {
                         parser.getHpackDecoder().setMaxHeaderListSize(value);
+                    }
                     else
-                        generator.getHpackEncoder().setMaxHeaderListSize(value);
+                    {
+                        HpackEncoder hpackEncoder = generator.getHpackEncoder();
+                        hpackEncoder.setMaxHeaderListSize(Math.min(value, hpackEncoder.getMaxHeaderListSize()));
+                    }
                 }
                 case SettingsFrame.ENABLE_CONNECT_PROTOCOL ->
                 {
diff --git a/jetty-core/jetty-http2/jetty-http2-hpack/src/main/java/org/eclipse/jetty/http2/hpack/HpackEncoder.java b/jetty-core/jetty-http2/jetty-http2-hpack/src/main/java/org/eclipse/jetty/http2/hpack/HpackEncoder.java
@@ -156,7 +156,7 @@ public int getMaxHeaderListSize()
 
     public void setMaxHeaderListSize(int maxHeaderListSize)
     {
-        _maxHeaderListSize = maxHeaderListSize;
+        _maxHeaderListSize = maxHeaderListSize > 0 ? maxHeaderListSize : HpackContext.DEFAULT_MAX_HEADER_LIST_SIZE;
     }
 
     public HpackContext getHpackContext()
diff --git a/jetty-core/jetty-http2/jetty-http2-tests/src/test/java/org/eclipse/jetty/http2/tests/SettingsTest.java b/jetty-core/jetty-http2/jetty-http2-tests/src/test/java/org/eclipse/jetty/http2/tests/SettingsTest.java
@@ -446,6 +446,42 @@ public void onGoAway(Session session, GoAwayFrame frame)
         assertTrue(goAwayLatch.await(5, TimeUnit.SECONDS));
     }
 
+    @Test
+    public void testMaxHeaderListSizeCappedByClient() throws Exception
+    {
+        int maxHeadersSize = 2 * 1024;
+        CountDownLatch goAwayLatch = new CountDownLatch(1);
+        start(new ServerSessionListener()
+        {
+            @Override
+            public Map<Integer, Integer> onPreface(Session session)
+            {
+                return Map.of(SettingsFrame.MAX_HEADER_LIST_SIZE, maxHeadersSize);
+            }
+
+            @Override
+            public void onGoAway(Session session, GoAwayFrame frame)
+            {
+                goAwayLatch.countDown();
+            }
+        });
+        http2Client.setMaxRequestHeadersSize(maxHeadersSize / 2);
+
+        Session clientSession = newClientSession(new Session.Listener() {});
+        HttpFields requestHeaders = HttpFields.build()
+            .put("X-Large", "x".repeat(maxHeadersSize - 256)); // 256 bytes to account for the other headers
+        MetaData.Request request = newRequest("GET", requestHeaders);
+        HeadersFrame frame = new HeadersFrame(request, null, true);
+
+        Throwable failure = assertThrows(ExecutionException.class,
+            () -> clientSession.newStream(frame, new Stream.Listener() {}).get(5, TimeUnit.SECONDS))
+            .getCause();
+        // The HPACK context is compromised trying to encode the large header.
+        assertThat(failure, Matchers.instanceOf(HpackException.SessionException.class));
+
+        assertTrue(goAwayLatch.await(5, TimeUnit.SECONDS));
+    }
+
     @Test
     public void testMaxHeaderListSizeExceededByServer() throws Exception
     {

Original file line number	Diff line number	Diff line change
`@@ -156,7 +156,7 @@ public int getMaxHeaderListSize()`
`156`	`156`
`157`	`157`	`public void setMaxHeaderListSize(int maxHeaderListSize)`
`158`	`158`	`{`
`159`		`- _maxHeaderListSize = maxHeaderListSize;`
	`159`	`+ _maxHeaderListSize = maxHeaderListSize > 0 ? maxHeaderListSize : HpackContext.DEFAULT_MAX_HEADER_LIST_SIZE;`
`160`	`160`	`}`
`161`	`161`
`162`	`162`	`public HpackContext getHpackContext()`