File tree Expand file tree Collapse file tree 3 files changed +22
-0
lines changed
Expand file tree Collapse file tree 3 files changed +22
-0
lines changed Original file line number Diff line number Diff line change @@ -13,6 +13,8 @@ Release History
1313- Fixed padding parsing for ``PushPromiseFrame ``.
1414- Fixed unchecked frame length for ``PriorityFrame ``. It now correctly raises ``InvalidFrameError ``.
1515- Fixed promised stream id parsing for ``PushPromiseFrame ``.
16+ - Fixed unchecked frame length for ``WindowUpdateFrame ``. It now correctly raises ``InvalidFrameError ``.
17+ - Fixed window increment value range validation. It must be 1 <= increment <= 2^31-1.
1618
1719**Other Changes **
1820
Original file line number Diff line number Diff line change @@ -622,11 +622,22 @@ def serialize_body(self):
622622 return _STRUCT_L .pack (self .window_increment & 0x7FFFFFFF )
623623
624624 def parse_body (self , data ):
625+ if len (data ) > 4 :
626+ raise InvalidFrameError (
627+ "WINDOW_UPDATE frame must have 4 byte length: got %s" %
628+ len (data )
629+ )
630+
625631 try :
626632 self .window_increment = _STRUCT_L .unpack (data )[0 ]
627633 except struct .error :
628634 raise InvalidFrameError ("Invalid WINDOW_UPDATE body" )
629635
636+ if not 1 <= self .window_increment <= 2 ** 31 - 1 :
637+ raise InvalidFrameError (
638+ "WINDOW_UPDATE increment must be between 1 to 2^31-1"
639+ )
640+
630641 self .body_len = 4
631642
632643
Original file line number Diff line number Diff line change @@ -604,10 +604,19 @@ def test_windowupdate_frame_parses_properly(self):
604604
605605 def test_short_windowupdate_frame_errors (self ):
606606 s = b'\x00 \x00 \x04 \x08 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x02 ' # -1 byte
607+ with pytest .raises (InvalidFrameError ):
608+ decode_frame (s )
607609
610+ s = b'\x00 \x00 \x05 \x08 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x02 '
608611 with pytest .raises (InvalidFrameError ):
609612 decode_frame (s )
610613
614+ with pytest .raises (InvalidFrameError ):
615+ decode_frame (WindowUpdateFrame (0 ).serialize ())
616+
617+ with pytest .raises (InvalidFrameError ):
618+ decode_frame (WindowUpdateFrame (2 ** 31 ).serialize ())
619+
611620
612621class TestHeadersFrame (object ):
613622 def test_headers_frame_flags (self ):
You can’t perform that action at this time.
0 commit comments