
Design Issue: Overlong Frames

From: James M Snell <jasnell@gmail.com>
Date: Thu, 9 May 2013 10:26:16 -0700
Message-ID: <CABP7RbewOju850tE2GV2U4JZVawGTFGoWoYF7LaofGdKcXYqZg@mail.gmail.com>
To: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
In going through a number of issues relating to frame sizes, I note
that the spec currently does not deal with the issue of "overlong" or
padded frames. That is, what happens if a frame contains more data
than what is explicitly called for in its definition.

For instance, the GOAWAY frame currently defines its payload as a
32-bit error code. What happens if that frame contains more than
32 bits? E.g.:

  00 40 07 00 00 00 00 00
  0A BC DE FF FF FF FF FF

An implementation that is not being careful could completely miss the
extra junk bytes here. For GOAWAY it's obviously not too much of a
concern, but the risk for abuse exists for all frames that define a
specific structure for the payload data.

Recommendation: Adding a short statement that a PROTOCOL_ERROR MUST be
returned if a frame contains more bytes than what is expressly
specified in the frame definition.

- James
Received on Thursday, 9 May 2013 17:27:06 UTC
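
The strict length check recommended in the message above, shown beside the careless reading it warns about, as an added example that is not part of the original post or of any HTTP/2 implementation. The 8-byte header layout and the GOAWAY type code 0x07 are assumptions read off the sample bytes, and both sample frames are constructed.

```python
import struct

# Assumed 8-byte frame header, inferred from the sample bytes in the message:
# 16-bit length, 8-bit type, 8-bit flags, 32-bit stream identifier.
HEADER = struct.Struct("!HBBI")
GOAWAY = 0x07  # assumed type code (third byte of the sample)
# Fixed payload sizes per frame type; the message gives GOAWAY as a 32-bit error code.
FIXED_PAYLOAD_SIZE = {GOAWAY: 4}


class ProtocolError(Exception):
    """Stands in for returning PROTOCOL_ERROR to the peer."""


def parse_frame(buf):
    """Parse one frame; return (type, flags, stream_id, payload, remaining bytes)."""
    if len(buf) < HEADER.size:
        raise ValueError("incomplete header, need more data")
    length, ftype, flags, stream_id = HEADER.unpack_from(buf)
    expected = FIXED_PAYLOAD_SIZE.get(ftype)
    # Strict check on the declared length, done before buffering the payload:
    # short and overlong frames are both rejected, so trailing bytes are never skipped.
    if expected is not None and length != expected:
        raise ProtocolError(
            f"type 0x{ftype:02x}: declared {length} payload bytes, expected {expected}")
    end = HEADER.size + length
    if len(buf) < end:
        raise ValueError("incomplete payload, need more data")
    return ftype, flags, stream_id, buf[HEADER.size:end], buf[end:]


def parse_goaway(payload):
    """Decode the 32-bit error code from an already length-checked payload."""
    (error_code,) = struct.unpack("!I", payload)
    return error_code


def lenient_goaway(buf):
    """The careless reading: decode the first 4 payload bytes, never look at the rest."""
    length, _type, _flags, _stream_id = HEADER.unpack_from(buf)
    (error_code,) = struct.unpack_from("!I", buf, HEADER.size)
    unexamined = buf[HEADER.size + 4:HEADER.size + length]
    return error_code, unexamined


# Constructed sample frames: a 4-byte GOAWAY and one carrying 4 extra bytes.
WELL_FORMED = HEADER.pack(4, GOAWAY, 0, 0) + bytes.fromhex("00000001")
OVERLONG = HEADER.pack(8, GOAWAY, 0, 0) + bytes.fromhex("00000001deadbeef")
```
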
