UNDERTOW-1150 Hpack ArrayOutOfBound exception when client sends inval…

…id index

core/src/main/java/io/undertow/UndertowMessages.java

@@ -544,4 +544,6 @@ public interface UndertowMessages {
     @Message(id = 174, value = "An invalid escape character in cookie value")
     IllegalArgumentException invalidEscapeCharacter();
 
+    @Message(id = 175, value = "Invalid Hpack index %s")
+    HpackException invalidHpackIndex(int index);
 }

core/src/main/java/io/undertow/protocols/http2/HpackDecoder.java

@@ -304,11 +304,15 @@ private void handleIndex(int index) throws HpackException {
      * @param index The index from the hpack
      * @return the real index into the array
      */
-    int getRealIndex(int index) {
+    int getRealIndex(int index) throws HpackException {
         //the index is one based, but our table is zero based, hence -1
         //also because of our ring buffer setup the indexes are reversed
         //index = 1 is at position firstSlotPosition + filledSlots
-        return (firstSlotPosition + (filledTableSlots - index)) % headerTable.length;
+        int newIndex = (firstSlotPosition + (filledTableSlots - index)) % headerTable.length;
+        if(newIndex < 0) {
+            throw UndertowMessages.MESSAGES.invalidHpackIndex(index);
+        }
+        return newIndex;
     }
 
     private void addStaticTableEntry(int index) throws HpackException {

core/src/test/java/io/undertow/protocols/http2/HpackSpecExamplesUnitTestCase.java

@@ -389,7 +389,7 @@ public void testExample_D_2_112() throws HpackException {
     }
 
 
-    private static void assertTableState(HpackDecoder decoder, int index, String name, String value) {
+    private static void assertTableState(HpackDecoder decoder, int index, String name, String value) throws HpackException {
         int idx = decoder.getRealIndex(index);
         Hpack.HeaderField val = decoder.getHeaderTable()[idx];
         Assert.assertEquals(name, val.name.toString());