Sync shared code from aspnetcore (#77323)

b5a27cd0 · github-actions[bot] · GitHub · 1b4f17b8 · b5a27cd0 · b5a27cd0
2 changed file
--- a/src/libraries/Common/src/System/Net/Http/aspnetcore/Http2/Hpack/HPackDecoder.cs
+++ b/src/libraries/Common/src/System/Net/Http/aspnetcore/Http2/Hpack/HPackDecoder.cs
@@ -577,7 +577,7 @@ private void OnStringLength(int length, State nextState)
                    throw new HPackDecodingException(SR.Format(SR.net_http_headers_exceeded_length, _maxHeadersLength));
                }

-                _stringOctets = new byte[Math.Max(length, _stringOctets.Length * 2)];
+                _stringOctets = new byte[Math.Max(length, Math.Min(_stringOctets.Length * 2, _maxHeadersLength))];
            }

            _stringLength = length;
@@ -625,7 +625,7 @@ private void EnsureStringCapacity(ref byte[] dst)
        {
            if (dst.Length < _stringLength)
            {
-                dst = new byte[Math.Max(_stringLength, dst.Length * 2)];
+                dst = new byte[Math.Max(_stringLength, Math.Min(dst.Length * 2, _maxHeadersLength))];
            }
        }


--- a/src/libraries/Common/tests/Tests/System/Net/aspnetcore/Http2/HPackDecoderTest.cs
+++ b/src/libraries/Common/tests/Tests/System/Net/aspnetcore/Http2/HPackDecoderTest.cs
@@ -493,6 +493,41 @@ public void DecodesStringLength_LimitConfigurable()
            Assert.Equal(string8193, _handler.DecodedHeaders[string8193]);
        }

+        [Fact]
+        public void DecodesStringLength_ExceedsLimit_Throws()
+        {
+            HPackDecoder decoder = new HPackDecoder(DynamicTableInitialMaxSize, MaxHeaderFieldSize + 1);
+            string string8191 = new string('a', MaxHeaderFieldSize - 1);
+            string string8193 = new string('a', MaxHeaderFieldSize + 1);
+            string string8194 = new string('a', MaxHeaderFieldSize + 2);
+
+            var bytes = new byte[3];
+            var success = IntegerEncoder.Encode(8194, 7, bytes, out var written);
+
+            byte[] encoded = _literalHeaderFieldWithoutIndexingNewName
+                .Concat(new byte[] { 0x7f, 0x80, 0x3f }) // 8191 encoded with 7-bit prefix, no Huffman encoding
+                .Concat(Encoding.ASCII.GetBytes(string8191))
+                .Concat(new byte[] { 0x7f, 0x80, 0x3f }) // 8191 encoded with 7-bit prefix, no Huffman encoding
+                .Concat(Encoding.ASCII.GetBytes(string8191))
+                .Concat(_literalHeaderFieldWithoutIndexingNewName)
+                .Concat(new byte[] { 0x7f, 0x82, 0x3f }) // 8193 encoded with 7-bit prefix, no Huffman encoding
+                .Concat(Encoding.ASCII.GetBytes(string8193))
+                .Concat(new byte[] { 0x7f, 0x82, 0x3f }) // 8193 encoded with 7-bit prefix, no Huffman encoding
+                .Concat(Encoding.ASCII.GetBytes(string8193))
+                .Concat(_literalHeaderFieldWithoutIndexingNewName)
+                .Concat(new byte[] { 0x7f, 0x83, 0x3f }) // 8194 encoded with 7-bit prefix, no Huffman encoding
+                .Concat(Encoding.ASCII.GetBytes(string8194))
+                .Concat(new byte[] { 0x7f, 0x83, 0x3f }) // 8194 encoded with 7-bit prefix, no Huffman encoding
+                .Concat(Encoding.ASCII.GetBytes(string8194))
+                .ToArray();
+
+            var ex = Assert.Throws<HPackDecodingException>(() => decoder.Decode(encoded, endHeaders: true, handler: _handler));
+            Assert.Equal(SR.Format(SR.net_http_headers_exceeded_length, MaxHeaderFieldSize + 1), ex.Message);
+            Assert.Equal(string8191, _handler.DecodedHeaders[string8191]);
+            Assert.Equal(string8193, _handler.DecodedHeaders[string8193]);
+            Assert.False(_handler.DecodedHeaders.ContainsKey(string8194));
+        }
+
        [Fact]
        public void DecodesStringLength_IndividualBytes()
        {