BUG/MINOR: h2: Don't look at the exclusive bit for PRIORITY frame

When receiving a PRIORITY frame, when checking if the stream id provided
is ours, ignore bit 31, as it is the exclusive bit, and not part of the
stream id, whoever sends a PRIORITY frame with its own id and the
exclusive bit set will not be considered an error, as it should per the
RFC.

The impact is basically non-existent since we don't use PRIORITY frames,
it's only that we would ignore such an invalid frame instead of breaking
the connection.

The bug was introduced in 1.9 with commit 92153fccd3 ("BUG/MINOR: h2:
properly check PRIORITY frames") so the fix must be backported to all
versions.

diff --git a/src/mux_h2.c b/src/mux_h2.c
index ba12a543def4aeaa89f97d09747288dcd4a04146..ab15221e37e60bf5be426d08739816bb1f0c558c 100644 (file)
--- a/src/mux_h2.c
+++ b/src/mux_h2.c
@@ -3432,7 +3432,11 @@ static int h2c_handle_priority(struct h2c *h2c)
                return 0;
        }
 
-       if (h2_get_n32(&h2c->dbuf, 0) == h2c->dsi) {
+       /*
+        * Bit 31 is the "exclusive" bit, it is not part of the stream id,
+        * so ignore it when checking if the stream id is ours.
+        */
+       if ((h2_get_n32(&h2c->dbuf, 0) & 0x7fffffff) == h2c->dsi) {
                /* 7540#5.3 : can't depend on itself */
                h2c_report_glitch(h2c, 1, "PRIORITY depends on itself");
                TRACE_ERROR("PRIORITY depends on itself", H2_EV_RX_FRAME|H2_EV_RX_WU, h2c->conn);