| author | Ruslan Ermilov <ru@nginx.com> | 2019-08-13 15:43:40 +0300 |
|---|---|---|
| committer | Ruslan Ermilov <ru@nginx.com> | 2019-08-13 15:43:40 +0300 |
| commit | 5ae726912654da10a9a81b2c8436829f3e94f69f (patch) | |
| tree | 31a0555449d15d341d0c0f1812b1fb11f8f647d4 | |
| parent | a987f81dd19210bc30b62591db331e31d3d74089 (diff) | |
HTTP/2: limited number of PRIORITY frames.
Fixed excessive CPU usage caused by a peer that continuously shuffles
priority of streams. Fix is to limit the number of PRIORITY frames.
| -rw-r--r-- | src/http/v2/ngx_http_v2.c | 10 | ||||
| -rw-r--r-- | src/http/v2/ngx_http_v2.h | 1 |
2 files changed, 11 insertions, 0 deletions
diff --git a/src/http/v2/ngx_http_v2.c b/src/http/v2/ngx_http_v2.c index 88e2bb9fb..e55f9bab6 100644 --- a/src/http/v2/ngx_http_v2.c +++ b/src/http/v2/ngx_http_v2.c @@ -273,6 +273,7 @@ ngx_http_v2_init(ngx_event_t *rev) h2scf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_v2_module); h2c->concurrent_pushes = h2scf->concurrent_pushes; + h2c->priority_limit = h2scf->concurrent_streams; h2c->pool = ngx_create_pool(h2scf->pool_size, h2c->connection->log); if (h2c->pool == NULL) { @@ -1804,6 +1805,13 @@ ngx_http_v2_state_priority(ngx_http_v2_connection_t *h2c, u_char *pos, return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_SIZE_ERROR); } + if (--h2c->priority_limit == 0) { + ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0, + "client sent too many PRIORITY frames"); + + return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_ENHANCE_YOUR_CALM); + } + if (end - pos < NGX_HTTP_V2_PRIORITY_SIZE) { return ngx_http_v2_state_save(h2c, pos, end, ngx_http_v2_state_priority); @@ -3120,6 +3128,8 @@ ngx_http_v2_create_stream(ngx_http_v2_connection_t *h2c, ngx_uint_t push) h2c->processing++; } + h2c->priority_limit += h2scf->concurrent_streams; + return stream; } diff --git a/src/http/v2/ngx_http_v2.h b/src/http/v2/ngx_http_v2.h index 715b7d30c..69d55d1cb 100644 --- a/src/http/v2/ngx_http_v2.h +++ b/src/http/v2/ngx_http_v2.h @@ -122,6 +122,7 @@ struct ngx_http_v2_connection_s { ngx_uint_t processing; ngx_uint_t frames; ngx_uint_t idle; + ngx_uint_t priority_limit; ngx_uint_t pushing; ngx_uint_t concurrent_pushes; |
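Review bot: In ngx_http_v2_init the budget is seeded directly from `h2scf->concurrent_streams`, while the check added in ngx_http_v2_state_priority is `--h2c->priority_limit == 0` on an `ngx_uint_t`. A seed of 0 would therefore wrap to the maximum value on the first PRIORITY frame, and the limit would never fire. Whether the configuration can yield 0 for concurrent_streams is not visible in this diff, so it should be confirmed against the directive's validation. If 0 is possible, testing before decrementing closes the gap: `if (h2c->priority_limit == 0 || --h2c->priority_limit == 0) {`.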
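Review bot: The decrement in ngx_http_v2_state_priority sits above the `end - pos < NGX_HTTP_V2_PRIORITY_SIZE` branch, which passes the same handler to ngx_http_v2_state_save. A PRIORITY frame whose payload arrives split across reads therefore appears to be charged once per handler invocation rather than once per frame. That makes the limit stricter than intended for a well-behaved client on a fragmented connection, which could be closed with ENHANCE_YOUR_CALM early. Moving the `if (--h2c->priority_limit == 0) { ... }` block below the short-read branch would charge each frame once, after its payload is complete. The function begins and continues outside the hunk, so the re-entry behaviour of ngx_http_v2_state_save is inferred from the handler argument.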
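Review bot: The replenishment added in ngx_http_v2_create_stream has no comment, and the accounting rule is not obvious from the field name. The budget starts at concurrent_streams, grows by concurrent_streams for every stream created, and nothing in this diff reduces it when a stream closes. A comment such as `/* each new stream allows the peer concurrent_streams more PRIORITY frames */` above the addition, with a matching one on `priority_limit` in ngx_http_v2.h, would make that explicit. The function takes a `push` argument and the increment looks unconditional as far as the hunk shows, so server-initiated push streams presumably extend the client's budget too; it is worth confirming that this is intended. The function starts outside the hunk.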
