Signal error in HttpDecoder on empty PUSH_PROMISE frame. Currently on an empty, invalid PUSH_PROMISE frame HttpDecoder transitions from STATE_READING_FRAME_LENGTH directly to STATE_FINISH_PARSING, skipping STATE_READING_FRAME_PAYLOAD, which results in calling Visitor::OnPushPromiseFrameEnd() without calling Visitor::OnPushPromiseFrameStart(). This is wrong and can cause QuicSpdyStream to crash. This was caught by ClusterFuzz at https://crbug.com/1001823. Also add tests for other empty frames, and sanity DCHECKs in QuicSpdyStream. gfe-relnote: n/a, change to QUIC v99-only code. Protected by existing disabled gfe2_reloadable_flag_quic_enable_version_99. PiperOrigin-RevId: 270386637 Change-Id: I0c1944d1df300136d27367679e3128dd45e9bfd3
QUICHE (QUIC, Http/2, Etc) is Google‘s implementation of QUIC and related protocols. It powers Chromium as well as Google’s QUIC servers and some other projects.
The code is currently in process of being moved from https://cs.chromium.org/chromium/src/net/third_party/ into this repository. Please excuse our appearance while we're under construction.