net/http: update copy of http2

Updates to x/net git revision 9946ad7 Change-Id: I95c03daf382667002a5b22f184bd9b7d18144913 Reviewed-on: https://go-review.googlesource.com/16066Reviewed-by: Andrew Gerrand <adg@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>

net/http: update copy of http2
Updates to x/net git revision 9946ad7 Change-Id: I95c03daf382667002a5b22f184bd9b7d18144913 Reviewed-on: https://go-review.googlesource.com/16066Reviewed-by: Andrew Gerrand <adg@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>
3b000b3e · Brad Fitzpatrick · cf59c1f9 · 3b000b3e · 3b000b3e
Commit 3b000b3e authored Oct 20, 2015 by Brad Fitzpatrick
Expand all Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 0 deletions

h2_bundle.go src/net/http/h2_bundle.go +0 -0

hpack.go src/vendor/golang.org/x/net/http2/hpack/hpack.go +6 -0

No files found.
--- a/src/net/http/h2_bundle.go
+++ b/src/net/http/h2_bundle.go
--- a/src/vendor/golang.org/x/net/http2/hpack/hpack.go
+++ b/src/vendor/golang.org/x/net/http2/hpack/hpack.go
@@ -282,6 +282,11 @@ func (d *Decoder) Write(p []byte) (n int, err error) {
 	for len(d.buf) > 0 {
 		err = d.parseHeaderFieldRepr()
 		if err == errNeedMore {
+			// Extra paranoia, making sure saveBuf won't
+			// get too large.  All the varint and string
+			// reading code earlier should already catch
+			// overlong things and return ErrStringLength,
+			// but keep this as a last resort.
 			const varIntOverhead = 8 // conservative
 			if d.maxStrLen != 0 && int64(len(d.buf)) > 2*(int64(d.maxStrLen)+varIntOverhead) {
 				return 0, ErrStringLength
@@ -503,6 +508,7 @@ func (d *Decoder) readString(p []byte, wantStr bool) (s string, remain []byte, e
 		buf.Reset() // don't trust others
 		defer bufPool.Put(buf)
 		if err := huffmanDecode(buf, d.maxStrLen, p[:strLen]); err != nil {
+			buf.Reset()
 			return "", nil, err
 		}
 		s = buf.String()