Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 67f47d01252d57ed9545f450f82f6205e53df60c / . / src / qpack-dec.c
blob: 95ec720b75c27544d3bc9ecb6f7903d4968ff500 [file] [log] [blame]
Frédéric Lécailleb4672fb2021-03-03 16:13:10 +0100[diff] [blame]1/*
2 * QPACK decompressor
3 *
4 * Copyright 2021 HAProxy Technologies, Frédéric Lécaille <flecaille@haproxy.com>
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation, version 2.1
9 * exclusively.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
19 */
20
21#include <inttypes.h>
22#include <stdio.h>
23#include <stdlib.h>
24#include <string.h>
25
26#include <import/ist.h>
27#include <haproxy/buf.h>
28#include <haproxy/chunk.h>
29#include <haproxy/h3.h>
30#include <haproxy/qpack-t.h>
31#include <haproxy/qpack-dec.h>
32#include <haproxy/hpack-huff.h>
33#include <haproxy/hpack-tbl.h>
34#include <haproxy/tools.h>
35
36#define DEBUG_HPACK
37
38#if defined(DEBUG_HPACK)
39#define qpack_debug_printf fprintf
40#define qpack_debug_hexdump debug_hexdump
41#else
42#define qpack_debug_printf(...) do { } while (0)
43#define qpack_debug_hexdump(...) do { } while (0)
44#endif
45
46/* Encoded field line bitmask */
47#define QPACK_EFL_BITMASK 0xf0
48#define QPACK_LFL_WPBNM 0x00 // Literal field line with post-base name reference
49#define QPACK_IFL_WPBI 0x10 // Indexed field line with post-based index
50#define QPACK_LFL_WLN_BIT 0x20 // Literal field line with literal name
51#define QPACK_LFL_WNR_BIT 0x40 // Literal field line with name reference
52#define QPACK_IFL_BIT 0x80 // Indexed field line
53
54/* reads a varint from <raw>'s lowest <b> bits and <len> bytes max (raw included).
55 * returns the 64-bit value on success after updating buf and len_in. Forces
56 * len_in to (uint64_t)-1 on truncated input.
57 * Note that this function is similar to the one used for HPACK (except that is supports
58 * up to 62-bits integers).
59 */
60static uint64_t qpack_get_varint(const unsigned char **buf, uint64_t *len_in, int b)
61{
62 uint64_t ret = 0;
63 int len = *len_in;
64 const uint8_t *raw = *buf;
65 uint8_t shift = 0;
66
67 len--;
68 ret = *raw++ & ((1 << b) - 1);
69 if (ret != (uint64_t)((1 << b) - 1))
70 goto end;
71
72 while (len && (*raw & 128)) {
73 ret += ((uint64_t)*raw++ & 127) << shift;
74 shift += 7;
75 len--;
76 }
77
78 /* last 7 bits */
79 if (!len)
80 goto too_short;
81
82 len--;
83 ret += ((uint64_t)*raw++ & 127) << shift;
84
85 end:
86 *buf = raw;
87 *len_in = len;
88 return ret;
89
90 too_short:
91 *len_in = (uint64_t)-1;
92 return 0;
93}
94
95/* Decode an encoder stream */
96int qpack_decode_enc(struct h3_uqs *h3_uqs, void *ctx)
97{
98 size_t len;
99 struct buffer *rxbuf;
100 unsigned char inst;
101
102 rxbuf = &h3_uqs->qcs->rx.buf;
103 len = b_data(rxbuf);
104 qpack_debug_hexdump(stderr, "[QPACK-DEC-ENC] ", b_head(rxbuf), 0, len);
105
106 if (!len) {
107 qpack_debug_printf(stderr, "[QPACK-DEC-ENC] empty stream\n");
108 return 0;
109 }
110
111 inst = (unsigned char)*b_head(rxbuf) & QPACK_ENC_INST_BITMASK;
112 if (inst == QPACK_ENC_INST_DUP) {
113 /* Duplicate */
114 }
115 else if (inst & QPACK_ENC_INST_IWNR_BIT) {
116 /* Insert With Name Reference */
117 }
118 else if (inst & QPACK_ENC_INST_IWLN_BIT) {
119 /* Insert with literal name */
120 }
121 else if (inst & QPACK_ENC_INST_SDTC_BIT) {
122 /* Set dynamic table capacity */
123 }
124
125 return 1;
126}
127
128/* Decode an decoder stream */
129int qpack_decode_dec(struct h3_uqs *h3_uqs, void *ctx)
130{
131 size_t len;
132 struct buffer *rxbuf;
133 unsigned char inst;
134
135 rxbuf = &h3_uqs->qcs->rx.buf;
136 len = b_data(rxbuf);
137 qpack_debug_hexdump(stderr, "[QPACK-DEC-DEC] ", b_head(rxbuf), 0, len);
138
139 if (!len) {
140 qpack_debug_printf(stderr, "[QPACK-DEC-DEC] empty stream\n");
141 return 0;
142 }
143
144 inst = (unsigned char)*b_head(rxbuf) & QPACK_DEC_INST_BITMASK;
145 if (inst == QPACK_DEC_INST_ICINC) {
146 /* Insert count increment */
147 }
148 else if (inst & QPACK_DEC_INST_SACK) {
149 /* Section Acknowledgment */
150 }
151 else if (inst & QPACK_DEC_INST_SCCL) {
152 /* Stream cancellation */
153 }
154
155 return 1;
156}
157
158/* Decode a field section prefix made of <enc_ric> and <db> two varints.
159 * Also set the 'S' sign bit for <db>.
160 * Return a negative error if failed, 0 if not.
161 */
162static int qpack_decode_fs_pfx(uint64_t *enc_ric, uint64_t *db, int *sign_bit,
163 const unsigned char **raw, size_t *len)
164{
165 *enc_ric = qpack_get_varint(raw, len, 8);
166 if (*len == (uint64_t)-1)
167 return -QPACK_ERR_RIC;
168
169 *sign_bit = **raw & 0x8;
170 *db = qpack_get_varint(raw, len, 7);
171 if (*len == (uint64_t)-1)
172 return -QPACK_ERR_DB;
173
174 return 0;
175}
176
177/* Decode a field section from <len> bytes length <raw> buffer.
178 * Produces the output into <tmp> buffer.
179 */
180int qpack_decode_fs(const unsigned char *raw, size_t len, struct buffer *tmp)
181{
182 uint64_t enc_ric, db;
183 int s;
184 unsigned int efl_type;
185 int ret;
186
187 qpack_debug_hexdump(stderr, "[QPACK-DEC-FS] ", (const char *)raw, 0, len);
188
189 ret = qpack_decode_fs_pfx(&enc_ric, &db, &s, &raw, &len);
190 if (ret < 0) {
191 qpack_debug_printf(stderr, "##ERR@%d(%d)\n", __LINE__, ret);
192 goto out;
193 }
194
195 chunk_reset(tmp);
196 qpack_debug_printf(stderr, "enc_ric: %llu db: %llu s=%d\n",
197 (unsigned long long)enc_ric, (unsigned long long)db, !!s);
198 /* Decode field lines */
199 while (len) {
200 qpack_debug_hexdump(stderr, "raw ", (const char *)raw, 0, len);
201 efl_type = *raw & QPACK_EFL_BITMASK;
202 qpack_debug_printf(stderr, "efl_type=0x%02x\n", efl_type);
203 if (efl_type == QPACK_LFL_WPBNM) {
204 /* Literal field line with post-base name reference */
205 uint64_t index, length;
206 unsigned int n, h;
207
208 qpack_debug_printf(stderr, "literal field line with post-base name reference:");
209 n = *raw & 0x08;
210 index = qpack_get_varint(&raw, &len, 3);
211 if (len == (uint64_t)-1) {
212 qpack_debug_printf(stderr, "##ERR@%d\n", __LINE__);
213 ret = -QPACK_ERR_TRUNCATED;
214 goto out;
215 }
216
217 qpack_debug_printf(stderr, " n=%d index=%llu", !!n, (unsigned long long)index);
218 h = *raw & 0x80;
219 length = qpack_get_varint(&raw, &len, 7);
220 if (len == (uint64_t)-1) {
221 qpack_debug_printf(stderr, "##ERR@%d\n", __LINE__);
222 ret = -QPACK_ERR_TRUNCATED;
223 goto out;
224 }
225
226 qpack_debug_printf(stderr, " h=%d length=%llu", !!h, (unsigned long long)length);
227 /* XXX Value string XXX */
228 raw += length;
229 len -= length;
230 } else if (efl_type == QPACK_IFL_WPBI) {
231 /* Indexed field line with post-base index */
232 uint64_t index;
233
234 qpack_debug_printf(stderr, "indexed field line with post-base index:");
235 index = qpack_get_varint(&raw, &len, 4);
236 if (len == (uint64_t)-1) {
237 qpack_debug_printf(stderr, "##ERR@%d\n", __LINE__);
238 ret = -QPACK_ERR_TRUNCATED;
239 goto out;
240 }
241
242 qpack_debug_printf(stderr, " index=%llu", (unsigned long long)index);
243 } else if (efl_type & QPACK_IFL_BIT) {
244 /* Indexed field line */
245 uint64_t index;
246 unsigned int t;
247
248 qpack_debug_printf(stderr, "indexed field line:");
249 t = efl_type & 0x40;
250 index = qpack_get_varint(&raw, &len, 6);
251 if (len == (uint64_t)-1) {
252 qpack_debug_printf(stderr, "##ERR@%d\n", __LINE__);
253 ret = -QPACK_ERR_TRUNCATED;
254 goto out;
255 }
256
257 qpack_debug_printf(stderr, " t=%d index=%llu", !!t, (unsigned long long)index);
258 } else if (efl_type & QPACK_LFL_WNR_BIT) {
259 /* Literal field line with name reference */
260 uint64_t index, length;
261 unsigned int t, n, h;
262
263 qpack_debug_printf(stderr, "Literal field line with name reference:");
264 n = efl_type & 0x20;
265 t = efl_type & 0x10;
266 index = qpack_get_varint(&raw, &len, 4);
267 if (len == (uint64_t)-1) {
268 qpack_debug_printf(stderr, "##ERR@%d\n", __LINE__);
269 ret = -QPACK_ERR_TRUNCATED;
270 goto out;
271 }
272
273 qpack_debug_printf(stderr, " n=%d t=%d index=%llu", !!n, !!t, (unsigned long long)index);
274 h = *raw & 0x80;
275 length = qpack_get_varint(&raw, &len, 7);
276 if (len == (uint64_t)-1) {
277 qpack_debug_printf(stderr, "##ERR@%d\n", __LINE__);
278 ret = -QPACK_ERR_TRUNCATED;
279 goto out;
280 }
281
282 qpack_debug_printf(stderr, " h=%d length=%llu", !!h, (unsigned long long)length);
283 if (h) {
284 char *trash;
285 int nlen;
286
287 trash = chunk_newstr(tmp);
288 if (!trash) {
289 qpack_debug_printf(stderr, "##ERR@%d\n", __LINE__);
290 ret = -QPACK_DECOMPRESSION_FAILED;
291 goto out;
292 }
293 nlen = huff_dec(raw, length, trash, tmp->size - tmp->data);
294 if (nlen == (uint32_t)-1) {
295 qpack_debug_printf(stderr, " can't decode huffman.\n");
296 ret = -QPACK_ERR_HUFFMAN;
297 goto out;
298 }
299
300 qpack_debug_printf(stderr, " [name huff %d->%d '%s']", (int)length, (int)nlen, trash);
301 }
302 /* XXX Value string XXX */
303 raw += length;
304 len -= length;
305 } else if (efl_type & QPACK_LFL_WLN_BIT) {
306 /* Literal field line with literal name */
307 unsigned int n, hname, hvalue;
308 uint64_t name_len, value_len;
309
310 qpack_debug_printf(stderr, "Literal field line with literal name:");
311 n = *raw & 0x10;
312 hname = *raw & 0x08;
313 name_len = qpack_get_varint(&raw, &len, 3);
314 if (len == (uint64_t)-1) {
315 qpack_debug_printf(stderr, "##ERR@%d\n", __LINE__);
316 ret = -QPACK_ERR_TRUNCATED;
317 goto out;
318 }
319
320 qpack_debug_printf(stderr, " n=%d hanme=%d name_len=%llu", !!n, !!hname, (unsigned long long)name_len);
321 /* Name string */
322 raw += name_len;
323 len -= name_len;
324 hvalue = *raw & 0x80;
325 value_len = qpack_get_varint(&raw, &len, 7);
326 if (len == (uint64_t)-1) {
327 qpack_debug_printf(stderr, "##ERR@%d\n", __LINE__);
328 ret = -QPACK_ERR_TRUNCATED;
329 goto out;
330 }
331
332 qpack_debug_printf(stderr, " hvalue=%d value_len=%llu", !!hvalue, (unsigned long long)value_len);
333
334 /* XXX Value string XXX */
335 raw += value_len;
336 len -= value_len;
337 }
338 qpack_debug_printf(stderr, "\n");
339 }
340
341 out:
342 qpack_debug_printf(stderr, "-- done: ret=%d\n", ret);
343 return ret;
344}