[release-branch.go1.21] net/http: pull http2 underflow fix from x/net/http2

After CL 534295 was merged to fix a CVE it introduced
an underflow when we try to decrement sc.curHandlers
in handlerDone.

Pull in a fix from x/net/http2:
http2: fix underflow in http2 server push
https://go-review.googlesource.com/c/net/+/535595

For #63511
Fixes #63560

Change-Id: I5c678ce7dcc53635f3ad5e4999857cb120dfc1ab
GitHub-Last-Rev: 587ffa3cafbb9da6bc82ba8a5b83313f81e5c89b
GitHub-Pull-Request: golang/go#63561
Reviewed-on: https://go-review.googlesource.com/c/go/+/535575
Run-TryBot: Mauri de Souza Meneguzzo <mauri870@gmail.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: David Chase <drchase@google.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
(cherry picked from commit 0046c1414c4910dfe54abfcdbe18e565dd5a60f6)
Reviewed-on: https://go-review.googlesource.com/c/go/+/537996
Reviewed-by: Cherry Mui <cherryyz@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>

diff --git a/src/go.mod b/src/go.mod
index 1731c134ce9044ff84d4dfd38e127bf9e787409c..3b24053b94da17f29138d60733611e1f7f769261 100644 (file)
--- a/src/go.mod
+++ b/src/go.mod
@@ -4,7 +4,7 @@ go 1.21
 
 require (
        golang.org/x/crypto v0.11.1-0.20230711161743-2e82bdd1719d
-       golang.org/x/net v0.12.1-0.20231010172013-695775ce641b
+       golang.org/x/net v0.12.1-0.20231027154334-5ca955b1789c
 )
 
 require (

diff --git a/src/go.sum b/src/go.sum
index f47558ac1e7c58502bbc1dc966fe4304c4dc22eb..caf8ff010daafd522661a5370844171a0a307743 100644 (file)
--- a/src/go.sum
+++ b/src/go.sum
@@ -1,7 +1,7 @@
 golang.org/x/crypto v0.11.1-0.20230711161743-2e82bdd1719d h1:LiA25/KWKuXfIq5pMIBq1s5hz3HQxhJJSu/SUGlD+SM=
 golang.org/x/crypto v0.11.1-0.20230711161743-2e82bdd1719d/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio=
-golang.org/x/net v0.12.1-0.20231010172013-695775ce641b h1:hR8N9NbnuDR3j/GuYomkYkAFPO6noviYh65jEgTT+lc=
-golang.org/x/net v0.12.1-0.20231010172013-695775ce641b/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA=
+golang.org/x/net v0.12.1-0.20231027154334-5ca955b1789c h1:d+VvAxu4S13DWtf73R5eY//VaCk3aUcVdyYjM1SX7zw=
+golang.org/x/net v0.12.1-0.20231027154334-5ca955b1789c/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA=
 golang.org/x/sys v0.10.0 h1:SqMFp9UcQJZa+pmYuAKjd9xq1f0j5rLcDIk0mj4qAsA=
 golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/text v0.11.0 h1:LAntKIrcmeSKERyiOh0XMV39LXS8IE9UL2yP7+f5ij4=

diff --git a/src/net/http/h2_bundle.go b/src/net/http/h2_bundle.go
index 9cd6a3490fcd10be36371d4b4f336bb72ae1b124..dd59e1f4f2ef43d8c542d571057b7a2dcb6c25f6 100644 (file)
--- a/src/net/http/h2_bundle.go
+++ b/src/net/http/h2_bundle.go
@@ -7012,6 +7012,7 @@ func (sc *http2serverConn) startPush(msg *http2startPushRequest) {
                        panic(fmt.Sprintf("newWriterAndRequestNoBody(%+v): %v", msg.url, err))
                }
 
+               sc.curHandlers++
                go sc.runHandler(rw, req, sc.handler.ServeHTTP)
                return promisedID, nil
        }

diff --git a/src/vendor/modules.txt b/src/vendor/modules.txt
index 55df54373b2e74ee8da777bbcf5e1691d16da878..4de656b0e81f82d0aa7381694809d34a977926b5 100644 (file)
--- a/src/vendor/modules.txt
+++ b/src/vendor/modules.txt
@@ -7,7 +7,7 @@ golang.org/x/crypto/cryptobyte/asn1
 golang.org/x/crypto/hkdf
 golang.org/x/crypto/internal/alias
 golang.org/x/crypto/internal/poly1305
-# golang.org/x/net v0.12.1-0.20231010172013-695775ce641b
+# golang.org/x/net v0.12.1-0.20231027154334-5ca955b1789c
 ## explicit; go 1.17
 golang.org/x/net/dns/dnsmessage
 golang.org/x/net/http/httpguts