- Limit the number of consecutive reads on an HTTP/2 session.

Thanks to Gal Bar Nahum for exposing the possibility of infinite
  reads on the session.

doc/Changelog

@@ -1,3 +1,8 @@
+29 August 2025: Yorgos
+	- Limit the number of consecutive reads on an HTTP/2 session.
+	  Thanks to Gal Bar Nahum for exposing the possibility of infinite
+	  reads on the session.
+
 28 August 2025: Wouter
 	- Fix setup_listen_sslctx warning for nettle compile.
 

util/netevent.c

@@ -5161,6 +5161,15 @@ ssize_t http2_recv_cb(nghttp2_session* ATTR_UNUSED(session), uint8_t* buf,
 
 	log_assert(h2_session->c->type == comm_http);
 	log_assert(h2_session->c->h2_session);
+	if(++h2_session->reads_count > h2_session->c->http2_max_streams) {
+		/* We are somewhat arbitrarily capping the amount of
+		 * consecutive reads on the HTTP2 session to the number of max
+		 * allowed streams.
+		 * When we reach the cap, error out with NGHTTP2_ERR_WOULDBLOCK
+		 * to signal nghttp2_session_recv() to stop reading for now. */
+		h2_session->reads_count = 0;
+		return NGHTTP2_ERR_WOULDBLOCK;
+	}
 
 #ifdef HAVE_SSL
 	if(h2_session->c->ssl) {

util/netevent.h

@@ -939,6 +939,8 @@ struct http2_session {
 	/** comm point containing buffer used to build answer in worker or
 	 * module */
 	struct comm_point* c;
+	/** count the number of consecutive reads on the session */
+	uint32_t reads_count;
 	/** session is instructed to get dropped (comm port will be closed) */
 	int is_drop;
 	/** postpone dropping the session, can be used to prevent dropping