From 8a5bce35419abd3d0b51498afcdd091b39683930 Mon Sep 17 00:00:00 2001 From: Craig Tiller Date: Wed, 29 Apr 2015 07:49:47 -0700 Subject: [PATCH] Incoming stream id validation fixes - correct log message on an invalid stream id - add an additional check that the low bit indicates a client stream id on the server --- src/core/transport/chttp2_transport.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/core/transport/chttp2_transport.c b/src/core/transport/chttp2_transport.c index e32ee284e09..1bb6e7f9608 100644 --- a/src/core/transport/chttp2_transport.c +++ b/src/core/transport/chttp2_transport.c @@ -1327,7 +1327,10 @@ static int init_header_frame_parser(transport *t, int is_continuation) { gpr_log(GPR_ERROR, "ignoring out of order new stream request on server; last stream " "id=%d, new stream id=%d", - t->last_incoming_stream_id, t->incoming_stream); + t->last_incoming_stream_id, t->incoming_stream_id); + return init_skip_frame(t, 1); + } else if ((t->incoming_stream_id & 1) == 0) { + gpr_log(GPR_ERROR, "ignoring stream with non-client generated index %d", t->incoming_stream_id); return init_skip_frame(t, 1); } t->incoming_stream = NULL;