diff --git a/src/core/transport/chttp2/frame_settings.c b/src/core/transport/chttp2/frame_settings.c index d7c9f7ed695..f03fb459081 100644 --- a/src/core/transport/chttp2/frame_settings.c +++ b/src/core/transport/chttp2/frame_settings.c @@ -44,6 +44,8 @@ #include "src/core/transport/chttp2/http2_errors.h" #include "src/core/transport/chttp2_transport.h" +#define MAX_MAX_HEADER_LIST_SIZE (1024*1024*1024) + /* HTTP/2 mandated initial connection settings */ const grpc_chttp2_setting_parameters grpc_chttp2_settings_parameters[GRPC_CHTTP2_NUM_SETTINGS] = { @@ -60,7 +62,7 @@ const grpc_chttp2_setting_parameters GRPC_CHTTP2_FLOW_CONTROL_ERROR}, {"MAX_FRAME_SIZE", 16384, 16384, 16777215, GRPC_CHTTP2_DISCONNECT_ON_INVALID_VALUE, GRPC_CHTTP2_PROTOCOL_ERROR}, - {"MAX_HEADER_LIST_SIZE", 0xffffffffu, 0, 0xffffffffu, + {"MAX_HEADER_LIST_SIZE", MAX_MAX_HEADER_LIST_SIZE, 0, MAX_MAX_HEADER_LIST_SIZE, GRPC_CHTTP2_CLAMP_INVALID_VALUE, GRPC_CHTTP2_PROTOCOL_ERROR}, }; diff --git a/test/core/bad_client/tests/initial_settings_frame.c b/test/core/bad_client/tests/initial_settings_frame.c index 6ed15bbed14..129c667f713 100644 --- a/test/core/bad_client/tests/initial_settings_frame.c +++ b/test/core/bad_client/tests/initial_settings_frame.c @@ -94,7 +94,15 @@ int main(int argc, char **argv) { /* some settings values are illegal */ /* max frame size = 0 */ GRPC_RUN_BAD_CLIENT_TEST(verifier, - PFX_STR ONE_SETTING_HDR "\x00\x05\x00\x00\x00\x00", GRPC_BAD_CLIENT_DISCONNECT); + PFX_STR ONE_SETTING_HDR "\x00\x05\x00\x00\x00\x00", + GRPC_BAD_CLIENT_DISCONNECT); + GRPC_RUN_BAD_CLIENT_TEST(verifier, + PFX_STR ONE_SETTING_HDR "\x00\x06\xff\xff\xff\xff", + GRPC_BAD_CLIENT_DISCONNECT); + /* update intiial window size */ + GRPC_RUN_BAD_CLIENT_TEST(verifier, + PFX_STR ONE_SETTING_HDR "\x00\x04\x00\x01\x00\x00", + GRPC_BAD_CLIENT_DISCONNECT); return 0; }