Skip to content

Commit

Permalink
src: ensure to close stream when destroying session
Browse files Browse the repository at this point in the history 
Co-Authored-By: Anna Henningsen <anna@addaleax.net>
PR-URL: nodejs-private/node-private#561
Fixes: https://hackerone.com/reports/2319584
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
CVE-ID: CVE-2024-27983
  • Loading branch information
@RafaelGSS @addaleax
RafaelGSS and addaleax committed Apr 2, 2024
1 parent 8c8961d commit 0fb816d
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions src/node_http2.cc
View file
Expand Up @@ -528,6 +528,12 @@ Http2Session::Http2Session(Http2State* http2_state,
Http2Session::~Http2Session() {
CHECK(!is_in_scope());
Debug(this, "freeing nghttp2 session");
// Ensure that all `Http2Stream` instances and the memory they hold
// on to are destroyed before the nghttp2 session is.
for (const auto& [id, stream] : streams_) {
stream->Detach();
}
streams_.clear();
// Explicitly reset session_ so the subsequent
// current_nghttp2_memory_ check passes.
session_.reset();
Expand Down

0 comments on commit 0fb816d

Please sign in to comment.