From 4b369969ce0a3dc2a2ac10b31a6ce844926faac4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lo=C3=AFc=20Hoguin?= <essen@ninenines.eu>
Date: Mon, 30 Mar 2020 17:30:01 +0200
Subject: Fix some HPACK Huffman decoding failure cases

When EOS is found within the string the decoding must fail.
When the final padding is > 7 bit in length the decoding must
fail as well.
---
 src/cow_hpack_dec_huffman_lookup.hrl | 30 +++++++++++++++---------------
 1 file changed, 15 insertions(+), 15 deletions(-)

(limited to 'src/cow_hpack_dec_huffman_lookup.hrl')

diff --git a/src/cow_hpack_dec_huffman_lookup.hrl b/src/cow_hpack_dec_huffman_lookup.hrl
index 16d22cb..5ed4d39 100644
--- a/src/cow_hpack_dec_huffman_lookup.hrl
+++ b/src/cow_hpack_dec_huffman_lookup.hrl
@@ -4049,7 +4049,7 @@ dec_huffman_lookup(16#fa, 16#b) -> {ok, 16#f9, 16#28};
 dec_huffman_lookup(16#fa, 16#c) -> {ok, 16#0a, 16#00};
 dec_huffman_lookup(16#fa, 16#d) -> {ok, 16#0d, 16#00};
 dec_huffman_lookup(16#fa, 16#e) -> {ok, 16#16, 16#00};
-dec_huffman_lookup(16#fa, 16#f) -> {more, undefined, 16#fa};
+dec_huffman_lookup(16#fa, 16#f) -> error;
 dec_huffman_lookup(16#fb, 16#0) -> {more, 16#7f, 16#03};
 dec_huffman_lookup(16#fb, 16#1) -> {more, 16#7f, 16#06};
 dec_huffman_lookup(16#fb, 16#2) -> {more, 16#7f, 16#0a};
@@ -4080,8 +4080,8 @@ dec_huffman_lookup(16#fc, 16#a) -> {more, 16#0d, 16#01};
 dec_huffman_lookup(16#fc, 16#b) -> {ok, 16#0d, 16#16};
 dec_huffman_lookup(16#fc, 16#c) -> {more, 16#16, 16#01};
 dec_huffman_lookup(16#fc, 16#d) -> {ok, 16#16, 16#16};
-dec_huffman_lookup(16#fc, 16#e) -> {more, undefined, 16#fc};
-dec_huffman_lookup(16#fc, 16#f) -> {more, undefined, 16#fc};
+dec_huffman_lookup(16#fc, 16#e) -> error;
+dec_huffman_lookup(16#fc, 16#f) -> error;
 dec_huffman_lookup(16#fd, 16#0) -> {more, 16#0a, 16#02};
 dec_huffman_lookup(16#fd, 16#1) -> {more, 16#0a, 16#09};
 dec_huffman_lookup(16#fd, 16#2) -> {more, 16#0a, 16#17};
@@ -4094,10 +4094,10 @@ dec_huffman_lookup(16#fd, 16#8) -> {more, 16#16, 16#02};
 dec_huffman_lookup(16#fd, 16#9) -> {more, 16#16, 16#09};
 dec_huffman_lookup(16#fd, 16#a) -> {more, 16#16, 16#17};
 dec_huffman_lookup(16#fd, 16#b) -> {ok, 16#16, 16#28};
-dec_huffman_lookup(16#fd, 16#c) -> {more, undefined, 16#fd};
-dec_huffman_lookup(16#fd, 16#d) -> {more, undefined, 16#fd};
-dec_huffman_lookup(16#fd, 16#e) -> {more, undefined, 16#fd};
-dec_huffman_lookup(16#fd, 16#f) -> {more, undefined, 16#fd};
+dec_huffman_lookup(16#fd, 16#c) -> error;
+dec_huffman_lookup(16#fd, 16#d) -> error;
+dec_huffman_lookup(16#fd, 16#e) -> error;
+dec_huffman_lookup(16#fd, 16#f) -> error;
 dec_huffman_lookup(16#fe, 16#0) -> {more, 16#0a, 16#03};
 dec_huffman_lookup(16#fe, 16#1) -> {more, 16#0a, 16#06};
 dec_huffman_lookup(16#fe, 16#2) -> {more, 16#0a, 16#0a};
@@ -4122,11 +4122,11 @@ dec_huffman_lookup(16#ff, 16#4) -> {more, 16#16, 16#18};
 dec_huffman_lookup(16#ff, 16#5) -> {more, 16#16, 16#1f};
 dec_huffman_lookup(16#ff, 16#6) -> {more, 16#16, 16#29};
 dec_huffman_lookup(16#ff, 16#7) -> {ok, 16#16, 16#38};
-dec_huffman_lookup(16#ff, 16#8) -> {more, undefined, 16#ff};
-dec_huffman_lookup(16#ff, 16#9) -> {more, undefined, 16#ff};
-dec_huffman_lookup(16#ff, 16#a) -> {more, undefined, 16#ff};
-dec_huffman_lookup(16#ff, 16#b) -> {more, undefined, 16#ff};
-dec_huffman_lookup(16#ff, 16#c) -> {more, undefined, 16#ff};
-dec_huffman_lookup(16#ff, 16#d) -> {more, undefined, 16#ff};
-dec_huffman_lookup(16#ff, 16#e) -> {more, undefined, 16#ff};
-dec_huffman_lookup(16#ff, 16#f) -> {more, undefined, 16#ff}.
+dec_huffman_lookup(16#ff, 16#8) -> error;
+dec_huffman_lookup(16#ff, 16#9) -> error;
+dec_huffman_lookup(16#ff, 16#a) -> error;
+dec_huffman_lookup(16#ff, 16#b) -> error;
+dec_huffman_lookup(16#ff, 16#c) -> error;
+dec_huffman_lookup(16#ff, 16#d) -> error;
+dec_huffman_lookup(16#ff, 16#e) -> error;
+dec_huffman_lookup(16#ff, 16#f) -> error.
-- 
cgit v1.2.3