Subscribe via feed.

haproxy hpack-tbl.c Out-Of-Bounds Write

Posted by deepcore on April 22, 2020 – 5:23 pm

The haproxy hpack implementation in hpack-tbl.c handles 0-length HTTP headers incorrectly. This can lead to a fully controlled relative out-of-bounds write when processing a malicious HTTP2 request (or response).


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.


« »