Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / f41dfc22b20b2b5c295e8d80e062b896e7153b88
commitf41dfc22b20b2b5c295e8d80e062b896e7153b88[log] [tgz]
authorWilly Tarreau <w@1wt.eu>Fri Mar 17 16:40:09 2023 +0100
committerWilly Tarreau <w@1wt.eu>Fri Mar 17 16:43:51 2023 +0100
treee693e845b334cdde5de5a85e914ed8e07fe19f82
parent5b4e16ee2d809b9d7aeb72fdff8c330718659c73 [diff]
BUG/MAJOR: qpack: fix possible read out of bounds in static table

CertiK Skyfall Team reported that passing an index greater than
QPACK_SHT_SIZE in a qpack instruction referencing a literal field
name with name reference or and indexed field line will cause a
read out of bounds that may crash the process, and confirmed that
this fix addresses the issue.

This needs to be backported as far as 2.5.
1 file changed
tree: e693e845b334cdde5de5a85e914ed8e07fe19f82
  1. .github/
  2. addons/
  3. admin/
  4. dev/
  5. doc/
  6. examples/
  7. include/
  8. reg-tests/
  9. scripts/
  10. src/
  11. tests/
  12. .cirrus.yml
  13. .gitattributes
  14. .gitignore
  15. .mailmap
  16. .travis.yml
  17. BRANCHES
  18. CHANGELOG
  19. CONTRIBUTING
  20. INSTALL
  21. LICENSE
  22. MAINTAINERS
  23. Makefile
  24. README
  25. SUBVERS
  26. VERDATE
  27. VERSION