jiangcuo/node - node - Gitea: Git with a cup of tea

jiangcuo/node

Fork 0

mirror of https://github.com/nodejs/node.git synced 2025-05-20 14:28:34 +00:00

Commit Graph

Author	SHA1	Message	Date
Daniel Bevenius	47d6cedd85	http2: add unknownProtocol timeout This commit add a configuration options named unknownProtocolTimeout which can be specified to set a value for the timeout in milliseconds that a server should wait when an unknowProtocol is sent to it. When this happens a timer will be started and the if the socket has not been destroyed during that time the timer callback will destoy it. Refs: https://hackerone.com/reports/1043360 CVE-ID: CVE-2021-22883 PR-URL: https://github.com/nodejs-private/node-private/pull/246 Reviewed-By: Beth Griggs <bgriggs@redhat.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>	2021-02-23 11:25:59 +00:00

Author

SHA1

Message

Date

Daniel Bevenius

47d6cedd85

http2: add unknownProtocol timeout

This commit add a configuration options named unknownProtocolTimeout
which can be specified to set a value for the timeout in milliseconds
that a server should wait when an unknowProtocol is sent to it. When
this happens a timer will be started and the if the socket has not been
destroyed during that time the timer callback will destoy it.

Refs: https://hackerone.com/reports/1043360
CVE-ID: CVE-2021-22883
PR-URL: https://github.com/nodejs-private/node-private/pull/246
Reviewed-By: Beth Griggs <bgriggs@redhat.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>

2021-02-23 11:25:59 +00:00

1 Commits