From c2d2c1eadb2db236cdd8a353f220a642d72b6a8b Mon Sep 17 00:00:00 2001
From: Lachlan Roberts <lachlan@webtide.com>
Date: Mon, 1 May 2023 19:23:02 +1000
Subject: [PATCH] Issue #9554 - changes from review

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
---
 .../org/eclipse/jetty/http/HttpTokens.java    |  1 -
 .../jetty/http2/hpack/HpackDecoder.java       |  5 ++---
 .../jetty/http2/hpack/MetaDataBuilder.java    | 19 -------------------
 .../jetty/http3/qpack/QpackDecoder.java       |  1 +
 4 files changed, 3 insertions(+), 23 deletions(-)

diff --git a/jetty-http/src/main/java/org/eclipse/jetty/http/HttpTokens.java b/jetty-http/src/main/java/org/eclipse/jetty/http/HttpTokens.java
index 7fab69d1f67..4dbac388cff 100644
--- a/jetty-http/src/main/java/org/eclipse/jetty/http/HttpTokens.java
+++ b/jetty-http/src/main/java/org/eclipse/jetty/http/HttpTokens.java
@@ -264,7 +264,6 @@ public class HttpTokens
         return c;
     }
 
-
     /**
      * Checks whether this is an invalid VCHAR based on RFC9110.
      * If this not a valid ISO-8859-1 character or a control character
diff --git a/jetty-http2/http2-hpack/src/main/java/org/eclipse/jetty/http2/hpack/HpackDecoder.java b/jetty-http2/http2-hpack/src/main/java/org/eclipse/jetty/http2/hpack/HpackDecoder.java
index 09c23c5e477..d6982480d12 100644
--- a/jetty-http2/http2-hpack/src/main/java/org/eclipse/jetty/http2/hpack/HpackDecoder.java
+++ b/jetty-http2/http2-hpack/src/main/java/org/eclipse/jetty/http2/hpack/HpackDecoder.java
@@ -72,7 +72,8 @@ public class HpackDecoder
         if (LOG.isDebugEnabled())
             LOG.debug(String.format("CtxTbl[%x] decoding %d octets", _context.hashCode(), buffer.remaining()));
 
-        // If the buffer is big, don't even think about decoding it
+        // If the buffer is big, don't even think about decoding it.
+        // Huffman may double the size, but it will only be a temporary allocation until detected in MetaDataBuilder.emit().
         if (buffer.remaining() > _builder.getMaxSize())
             throw new HpackException.SessionException("431 Request Header Fields too large");
 
@@ -169,7 +170,6 @@ public class HpackDecoder
                 {
                     huffmanName = (buffer.get() & 0x80) == 0x80;
                     int length = integerDecode(buffer, 7);
-                    _builder.checkSize(length, huffmanName);
                     if (huffmanName)
                         name = huffmanDecode(buffer, length);
                     else
@@ -210,7 +210,6 @@ public class HpackDecoder
                 // decode the value
                 boolean huffmanValue = (buffer.get() & 0x80) == 0x80;
                 int length = integerDecode(buffer, 7);
-                _builder.checkSize(length, huffmanValue);
                 if (huffmanValue)
                     value = huffmanDecode(buffer, length);
                 else
diff --git a/jetty-http2/http2-hpack/src/main/java/org/eclipse/jetty/http2/hpack/MetaDataBuilder.java b/jetty-http2/http2-hpack/src/main/java/org/eclipse/jetty/http2/hpack/MetaDataBuilder.java
index e431aa9ffd9..b00be5c232e 100644
--- a/jetty-http2/http2-hpack/src/main/java/org/eclipse/jetty/http2/hpack/MetaDataBuilder.java
+++ b/jetty-http2/http2-hpack/src/main/java/org/eclipse/jetty/http2/hpack/MetaDataBuilder.java
@@ -280,23 +280,4 @@ public class MetaDataBuilder
             _contentLength = -1;
         }
     }
-
-    /**
-     * Check that the max size will not be exceeded.
-     *
-     * @param length the length
-     * @param huffman the huffman name
-     * @throws SessionException in case of size errors
-     */
-    public void checkSize(int length, boolean huffman) throws SessionException
-    {
-        if (length < 0)
-            throw new IllegalArgumentException();
-
-        // Apply a huffman fudge factor
-        if (huffman)
-            length = Math.multiplyExact(length, 4) / 3;
-        if (Math.addExact(_size, length) > _maxSize)
-            throw new SessionException("Header too large %d > %d", _size + length, _maxSize);
-    }
 }
diff --git a/jetty-http3/http3-qpack/src/main/java/org/eclipse/jetty/http3/qpack/QpackDecoder.java b/jetty-http3/http3-qpack/src/main/java/org/eclipse/jetty/http3/qpack/QpackDecoder.java
index bd1931d0af4..f98b379ef1a 100644
--- a/jetty-http3/http3-qpack/src/main/java/org/eclipse/jetty/http3/qpack/QpackDecoder.java
+++ b/jetty-http3/http3-qpack/src/main/java/org/eclipse/jetty/http3/qpack/QpackDecoder.java
@@ -136,6 +136,7 @@ public class QpackDecoder implements Dumpable
             LOG.debug("Decoding: streamId={}, buffer={}", streamId, BufferUtil.toDetailString(buffer));
 
         // If the buffer is big, don't even think about decoding it
+        // Huffman may double the size, but it will only be a temporary allocation until detected in MetaDataBuilder.emit().
         int maxHeaderSize = getMaxHeaderSize();
         if (buffer.remaining() > maxHeaderSize)
             throw new QpackException.SessionException(QPACK_DECOMPRESSION_FAILED, "header_too_large");