If it is called through libnghttp2 internally, name/value pairs are
all NULL-terminated. But it is one of public API, and we cannot
expect that applications always make NULL-terminated string for
name/value pairs.
RFC 7541 requires that dynamic table size update must occur at the
beginning of the first header block, and is signaled as SETTINGS
acknowledgement. This commit checks these conditions. If dynamic
table size update appears other than the beginning of the first header
block, it is treated as error. If SETTINGS ACK is received, and next
HEADERS header block does not have dynamic table size update, it is
treated as error.
The assert only evaluates to code if NDEBUG is undefined. Protect rv and its use accordingly
Issue reported by Joerg Mayer
https://code.wireshark.org/review/8260
We rewrite static header table handling in nghttp2_hd.c. We expand
nghttp2_token to include all static header table entries, and fully
use them in header compression and decompression. The lookup function
is now located in nghttp2_hd.c. We add new nghttp2_hd_inflate_hd2()
function to export token value for header name, then we pass it to
nghttp2_http_on_header function, so that we don't have to look up
token there. We carefully set enum value of token to static table
index, so looking up static table is now O(1), assuming we have token.
nghttp2 library now use Literal Header Field never Indexed for
"authorization" header field and small "cookie" header field,
regardless of nghttp2_nv.flags.
nghttp2_mem structure is introduced to hold custom memory allocator
functions and user supplied pointer. nghttp2_mem object can be passed
to nghttp2_session_client_new3(), nghttp2_session_server_new3(),
nghttp2_hd_deflate_new2() and nghttp2_hd_inflate_new2() to replace
standard malloc(), free(), calloc() and realloc(). nghttp2_mem
structure has user supplied pointer mem_user_data which can be used as
per session/object memory pool.