BUG/MINOR: qpack: reject invalid dynamic table capacity
authorAmaury Denoyelle <adenoyelle@haproxy.com>
Wed, 14 Feb 2024 17:23:12 +0000 (18:23 +0100)
committerAmaury Denoyelle <adenoyelle@haproxy.com>
Thu, 15 Feb 2024 16:46:53 +0000 (17:46 +0100)
Currently haproxy does not implement dynamic table support for QPACK. As
such, dynamic table capacity advertized via H3 SETTINGS is 0. When
receiving a non-null Set Dynamic Table Capacity instruction, close
immediately the connection using QPACK_ENCODER_STREAM_ERROR.

Prior to this patch, such instructions were simply ignored. This does not
conform to the QUIC specification.

This should be backported up to 2.6. Note that on 2.6 qcc_set_error()
must be replaced by function qcc_emit_cc_app().

src/qpack-dec.c

index 6a3bf432047efb19df5bacb8529dc0f2523c79f7..7a8726f2c02a87f498f94a0c6413a888e0becdd4 100644 (file)
@@ -135,6 +135,19 @@ int qpack_decode_enc(struct buffer *buf, int fin, void *ctx)
        }
        else if (inst & QPACK_ENC_INST_SDTC_BIT) {
                /* Set dynamic table capacity */
+               int capacity = *b_head(buf) & 0x1f;
+
+               /* RFC 9204 4.3.1. Set Dynamic Table Capacity
+                *
+                * The decoder MUST treat a new dynamic table capacity
+                * value that exceeds this limit as a connection error of type
+                * QPACK_ENCODER_STREAM_ERROR.
+                */
+               if (capacity) {
+                       qcc_set_error(qcs->qcc, QPACK_ENCODER_STREAM_ERROR, 1);
+                       return -1;
+               }
+
        }
 
        return 0;
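Review bot: `capacity` holds only the low five bits of the first instruction byte, not the decoded Set Dynamic Table Capacity value, which RFC 9204 encodes as an integer with a 5-bit prefix that can continue into following bytes. The `if (capacity)` test still rejects every non-zero value, because a non-zero integer always leaves a non-zero prefix, but the name and the quoted RFC text ("exceeds this limit") hide that the limit here is implicitly the advertised 0. I would rename the local to `prefix` and add `/* limit is 0 (no dynamic table advertised): any non-zero 5-bit prefix means capacity > 0 */`, so the check is revisited if the advertised capacity ever changes. From the lines visible here only the instruction at the head of `buf` is inspected, so it is worth confirming that a capacity instruction placed later in the same buffer is also seen; the body of `qpack_decode_enc` starts outside this hunk.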