From 99350cc54fbd14e9294fed5b5b0ef7eb99c25d8b Mon Sep 17 00:00:00 2001 From: hanguanqiang Date: Fri, 11 Apr 2025 07:55:50 +0800 Subject: [PATCH] correct-some-errors-related-to-CVE-2025-23085 --- src/node_http2.cc | 2 +- test/parallel/test-http2-premature-close.js | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/node_http2.cc b/src/node_http2.cc index 6365734..ac59ce9 100644 --- a/src/node_http2.cc +++ b/src/node_http2.cc @@ -1048,7 +1048,7 @@ int Http2Session::OnFrameNotSent(nghttp2_session* handle, // closed but the Http2Session will still be up causing a memory leak. // Therefore, if the GOAWAY frame couldn't be send due to // ERR_SESSION_CLOSING we should force close from our side. - if (frame->hd.type != 0x03) { + if (frame->hd.type != NGHTTP2_GOAWAY) { return 0; } } diff --git a/test/parallel/test-http2-premature-close.js b/test/parallel/test-http2-premature-close.js index a9b08f5..df30c42 100644 --- a/test/parallel/test-http2-premature-close.js +++ b/test/parallel/test-http2-premature-close.js @@ -29,9 +29,9 @@ async function requestAndClose(server) { // Send a valid HEADERS frame const headersFrame = Buffer.concat([ Buffer.from([ - 0x00, 0x00, 0x0c, // Length: 12 bytes + 0x00, 0x00, 0x0e, // Length: 14 bytes 0x01, // Type: HEADERS - 0x05, // Flags: END_HEADERS + END_STREAM + 0x04, // Flags: END_HEADERS (streamId >> 24) & 0xFF, // Stream ID: high byte (streamId >> 16) & 0xFF, (streamId >> 8) & 0xFF, @@ -41,7 +41,7 @@ async function requestAndClose(server) { 0x82, // Indexed Header Field Representation (Predefined ":method: GET") 0x84, // Indexed Header Field Representation (Predefined ":path: /") 0x86, // Indexed Header Field Representation (Predefined ":scheme: http") - 0x44, 0x0a, // Custom ":authority: localhost" + 0x41, 0x09, // ":authority: localhost" Length: 9 bytes 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, ]), ]); -- 2.43.0