-
Notifications
You must be signed in to change notification settings - Fork 29.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
http2: Node crashes with an assertion error if an http2 server is closed after receiving and rejecting very large headers #35233
Comments
I can confirm that the crash still happens with v14.11.0. It seems to be fixed on the master branch but I can't immediately pinpoint the responsible commit. cc @nodejs/http2 |
When we get a ERR_HTTP2_SESSION_ERROR, node still crashes. Happens at 17.0.0 version. Do we have any ideas on how to prevent that from happening? |
@zerobytes it would be awesome to receive a PR to fix this bug. |
Hey! I was working on it, but lately, I'm not having time to work on it. So I'd like to share my findings about this issue to help anyone who wants to fix it.
const http2 = require('http2');
const server = http2.createServer((req, res) => {
res.end()
});
server.listen(8080, () => {
const clientSession = http2.connect('http://localhost:8080', {
maxSendHeaderBlockLength: Number.MAX_SAFE_INTEGER,
// maxSendHeaderBlockLength: 10,
});
clientSession.on('error', (error) => {
console.log(error);
})
const stream = clientSession.request({
'test-header': 'A'.repeat(87382)
});
stream.on('close', () => {
console.log(`Stream closed with RST_STREAM code ${stream.rstCode}`);
clientSession.close();
server.close();
});
stream.on('error', (error) => {
console.log(error);
})
stream.end();
}); And if you decrease the What happens under the hood is that When you run the above script using nghttp2 debug mode you will get the following results: using 87381
using 87382
However, it is not the real bug. What happens, in reality, is that the Not sure if I could explain properly, but basically, when An obvious “fix” is to sync the maxHeaderBufferLength with nghttp2 header limit, but I’m not a fan of this approach. Also, is not clear to me if that is a bug inside nghttp2 or our current implementation. For someone who will take it in the coming days, check which functions are calling the Note: it might be related to #28632 (comment) cc: @addaleax (I'm tagging you because you might have a quick solution on mind) |
@mcollina could you close this one? |
What steps will reproduce the bug?
How often does it reproduce? Is there a required condition?
This reproduction is 100% consistent.
What is the expected behavior?
What do you see instead?
Additional information
This is related to #35218 regarding the handling of very large request headers.
The text was updated successfully, but these errors were encountered: