net/spdy/alps_decoder.cc - cobalt - Git at Google

 // Copyright 2021 The Chromium Authors
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "net/spdy/alps_decoder.h"

 #include "base/feature_list.h"
 #include "base/metrics/histogram_functions.h"
 #include "net/base/features.h"

 namespace net {
 namespace {

 bool ReadUint16PrefixedStringPiece(base::StringPiece* payload,
                                    base::StringPiece* output) {
   if (payload->size() < 2) {
     return false;
   }
   const uint16_t length = (static_cast<uint16_t>((*payload)[0]) << 8) +
                           (static_cast<uint8_t>((*payload)[1]));
   payload->remove_prefix(2);

   if (payload->size() < length) {
     return false;
   }
   *output = payload->substr(0, length);
   payload->remove_prefix(length);

   return true;
 }

 }  // anonymous namespace

 AlpsDecoder::AlpsDecoder() {
   decoder_adapter_.set_visitor(&settings_parser_);
   decoder_adapter_.set_extension_visitor(&accept_ch_parser_);
 }

 AlpsDecoder::~AlpsDecoder() = default;

 AlpsDecoder::Error AlpsDecoder::Decode(base::span<const char> data) {
   decoder_adapter_.ProcessInput(data.data(), data.size());

   // Log if any errors were bypassed.
   base::UmaHistogramEnumeration(
       "Net.SpdySession.AlpsDecoderStatus.Bypassed",
       accept_ch_parser_.error_bypass());

   if (decoder_adapter_.HasError()) {
     return Error::kFramingError;
   }

   if (settings_parser_.forbidden_frame_received()) {
     return Error::kForbiddenFrame;
   }

   if (settings_parser_.settings_ack_received()) {
     return Error::kSettingsWithAck;
   }

   if (decoder_adapter_.state() !=
       http2::Http2DecoderAdapter::SPDY_READY_FOR_FRAME) {
     return Error::kNotOnFrameBoundary;
   }

   return accept_ch_parser_.error();
 }

 int AlpsDecoder::settings_frame_count() const {
   return settings_parser_.settings_frame_count();
 }

 AlpsDecoder::SettingsParser::SettingsParser() = default;
 AlpsDecoder::SettingsParser::~SettingsParser() = default;

 void AlpsDecoder::SettingsParser::OnCommonHeader(
     spdy::SpdyStreamId /*stream_id*/,
     size_t /*length*/,
     uint8_t type,
     uint8_t /*flags*/) {
   if (type == static_cast<uint8_t>(http2::Http2FrameType::DATA) ||
       type == static_cast<uint8_t>(http2::Http2FrameType::HEADERS) ||
       type == static_cast<uint8_t>(http2::Http2FrameType::PRIORITY) ||
       type == static_cast<uint8_t>(http2::Http2FrameType::RST_STREAM) ||
       type == static_cast<uint8_t>(http2::Http2FrameType::PUSH_PROMISE) ||
       type == static_cast<uint8_t>(http2::Http2FrameType::PING) ||
       type == static_cast<uint8_t>(http2::Http2FrameType::GOAWAY) ||
       type == static_cast<uint8_t>(http2::Http2FrameType::WINDOW_UPDATE) ||
       type == static_cast<uint8_t>(http2::Http2FrameType::CONTINUATION)) {
     forbidden_frame_received_ = true;
   }
 }

 void AlpsDecoder::SettingsParser::OnSettings() {
   settings_frame_count_++;
 }
 void AlpsDecoder::SettingsParser::OnSetting(spdy::SpdySettingsId id,
                                             uint32_t value) {
   settings_[id] = value;
 }

 void AlpsDecoder::SettingsParser::OnSettingsAck() {
   settings_ack_received_ = true;
 }

 AlpsDecoder::AcceptChParser::AcceptChParser() = default;
 AlpsDecoder::AcceptChParser::~AcceptChParser() = default;

 bool AlpsDecoder::AcceptChParser::OnFrameHeader(spdy::SpdyStreamId stream_id,
                                                 size_t length,
                                                 uint8_t type,
                                                 uint8_t flags) {
   // Ignore data after an error has occurred.
   if (error_ != Error::kNoError)
     return false;
   // Stop all alps parsing if it's disabled.
   if (!base::FeatureList::IsEnabled(features::kAlpsParsing))
     return false;
   // Handle per-type parsing.
   switch (type) {
     case static_cast<uint8_t>(spdy::SpdyFrameType::ACCEPT_CH): {
       // Stop alps client hint parsing if it's disabled.
       if (!base::FeatureList::IsEnabled(features::kAlpsClientHintParsing))
         return false;
       // Check for issues with the frame.
       if (stream_id != 0) {
         error_ = Error::kAcceptChInvalidStream;
         return false;
       }
       if (flags != 0) {
         error_ = Error::kAcceptChWithFlags;
         return false;
       }
       // This frame can be parsed in OnFramePayload.
       return true;
     }
     default:
       // Ignore all other types.
       return false;
   }
 }

 void AlpsDecoder::AcceptChParser::OnFramePayload(const char* data, size_t len) {
   DCHECK_EQ(Error::kNoError, error_);

   base::StringPiece payload(data, len);

   while (!payload.empty()) {
     base::StringPiece origin;
     base::StringPiece value;
     if (!ReadUint16PrefixedStringPiece(&payload, &origin) ||
         !ReadUint16PrefixedStringPiece(&payload, &value)) {
       if (base::FeatureList::IsEnabled(
               features::kShouldKillSessionOnAcceptChMalformed)) {
         // This causes a session termination.
         error_ = Error::kAcceptChMalformed;
         return;
       } else {
         // This logs that a session termination was bypassed.
         error_bypass_ = Error::kAcceptChMalformed;
         return;
       }
     }
     accept_ch_.push_back(
         spdy::AcceptChOriginValuePair{std::string(origin), std::string(value)});
   }
 }

 }  // namespace net
	// Copyright 2021 The Chromium Authors
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "net/spdy/alps_decoder.h"

	#include "base/feature_list.h"
	#include "base/metrics/histogram_functions.h"
	#include "net/base/features.h"

	namespace net {
	namespace {

	bool ReadUint16PrefixedStringPiece(base::StringPiece* payload,
	base::StringPiece* output) {
	if (payload->size() < 2) {
	return false;
	}
	const uint16_t length = (static_cast<uint16_t>((*payload)[0]) << 8) +
	(static_cast<uint8_t>((*payload)[1]));
	payload->remove_prefix(2);

	if (payload->size() < length) {
	return false;
	}
	*output = payload->substr(0, length);
	payload->remove_prefix(length);

	return true;
	}

	} // anonymous namespace

	AlpsDecoder::AlpsDecoder() {
	decoder_adapter_.set_visitor(&settings_parser_);
	decoder_adapter_.set_extension_visitor(&accept_ch_parser_);
	}

	AlpsDecoder::~AlpsDecoder() = default;

	AlpsDecoder::Error AlpsDecoder::Decode(base::span<const char> data) {
	decoder_adapter_.ProcessInput(data.data(), data.size());

	// Log if any errors were bypassed.
	base::UmaHistogramEnumeration(
	"Net.SpdySession.AlpsDecoderStatus.Bypassed",
	accept_ch_parser_.error_bypass());

	if (decoder_adapter_.HasError()) {
	return Error::kFramingError;
	}

	if (settings_parser_.forbidden_frame_received()) {
	return Error::kForbiddenFrame;
	}

	if (settings_parser_.settings_ack_received()) {
	return Error::kSettingsWithAck;
	}

	if (decoder_adapter_.state() !=
	http2::Http2DecoderAdapter::SPDY_READY_FOR_FRAME) {
	return Error::kNotOnFrameBoundary;
	}

	return accept_ch_parser_.error();
	}

	int AlpsDecoder::settings_frame_count() const {
	return settings_parser_.settings_frame_count();
	}

	AlpsDecoder::SettingsParser::SettingsParser() = default;
	AlpsDecoder::SettingsParser::~SettingsParser() = default;

	void AlpsDecoder::SettingsParser::OnCommonHeader(
	spdy::SpdyStreamId /stream_id/,
	size_t /length/,
	uint8_t type,
	uint8_t /flags/) {
	if (type == static_cast<uint8_t>(http2::Http2FrameType::DATA) \|\|
	type == static_cast<uint8_t>(http2::Http2FrameType::HEADERS) \|\|
	type == static_cast<uint8_t>(http2::Http2FrameType::PRIORITY) \|\|
	type == static_cast<uint8_t>(http2::Http2FrameType::RST_STREAM) \|\|
	type == static_cast<uint8_t>(http2::Http2FrameType::PUSH_PROMISE) \|\|
	type == static_cast<uint8_t>(http2::Http2FrameType::PING) \|\|
	type == static_cast<uint8_t>(http2::Http2FrameType::GOAWAY) \|\|
	type == static_cast<uint8_t>(http2::Http2FrameType::WINDOW_UPDATE) \|\|
	type == static_cast<uint8_t>(http2::Http2FrameType::CONTINUATION)) {
	forbidden_frame_received_ = true;
	}
	}

	void AlpsDecoder::SettingsParser::OnSettings() {
	settings_frame_count_++;
	}
	void AlpsDecoder::SettingsParser::OnSetting(spdy::SpdySettingsId id,
	uint32_t value) {
	settings_[id] = value;
	}

	void AlpsDecoder::SettingsParser::OnSettingsAck() {
	settings_ack_received_ = true;
	}

	AlpsDecoder::AcceptChParser::AcceptChParser() = default;
	AlpsDecoder::AcceptChParser::~AcceptChParser() = default;

	bool AlpsDecoder::AcceptChParser::OnFrameHeader(spdy::SpdyStreamId stream_id,
	size_t length,
	uint8_t type,
	uint8_t flags) {
	// Ignore data after an error has occurred.
	if (error_ != Error::kNoError)
	return false;
	// Stop all alps parsing if it's disabled.
	if (!base::FeatureList::IsEnabled(features::kAlpsParsing))
	return false;
	// Handle per-type parsing.
	switch (type) {
	case static_cast<uint8_t>(spdy::SpdyFrameType::ACCEPT_CH): {
	// Stop alps client hint parsing if it's disabled.
	if (!base::FeatureList::IsEnabled(features::kAlpsClientHintParsing))
	return false;
	// Check for issues with the frame.
	if (stream_id != 0) {
	error_ = Error::kAcceptChInvalidStream;
	return false;
	}
	if (flags != 0) {
	error_ = Error::kAcceptChWithFlags;
	return false;
	}
	// This frame can be parsed in OnFramePayload.
	return true;
	}
	default:
	// Ignore all other types.
	return false;
	}
	}

	void AlpsDecoder::AcceptChParser::OnFramePayload(const char* data, size_t len) {
	DCHECK_EQ(Error::kNoError, error_);

	base::StringPiece payload(data, len);

	while (!payload.empty()) {
	base::StringPiece origin;
	base::StringPiece value;
	if (!ReadUint16PrefixedStringPiece(&payload, &origin) \|\|
	!ReadUint16PrefixedStringPiece(&payload, &value)) {
	if (base::FeatureList::IsEnabled(
	features::kShouldKillSessionOnAcceptChMalformed)) {
	// This causes a session termination.
	error_ = Error::kAcceptChMalformed;
	return;
	} else {
	// This logs that a session termination was bypassed.
	error_bypass_ = Error::kAcceptChMalformed;
	return;
	}
	}
	accept_ch_.push_back(
	spdy::AcceptChOriginValuePair{std::string(origin), std::string(value)});
	}
	}

	} // namespace net