elixir-mint / mint / 70b97b6a5209fb288b0e04d8e657dda26c59de67

02 Jun 2026 01:32PM UTC coverage: 87.873% (-0.3%) from 88.171%

push

github

web-flow
Merge commit from fork

A malicious HTTP/2 server could exhaust a client's memory by sending a
flood of PUSH_PROMISE frames and never following up with the response
HEADERS. Each promised stream was inserted into `conn.streams` in the
`:reserved_remote` state without consulting `max_concurrent_streams`, so
the map grew without bound for as long as the connection was held open.

Count reserved streams against the client's `max_concurrent_streams` at
promise time and refuse any promise past the limit with a RST_STREAM
(REFUSED_STREAM). The header block fragment is always decoded first to
keep the HPACK decode table in sync, even when the stream is refused.
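
The check described in the commit message, as an added example in Elixir. It is not Mint's code: the `PushPromiseGuard` module, its struct fields, and the list-of-pairs stand-in for an HPACK header block are all assumptions made for illustration.

```elixir
defmodule PushPromiseGuard do
  # Simplified client connection state for illustration, not Mint's structs.
  defstruct streams: %{}, max_concurrent_streams: 100, hpack_table: []

  # RFC 9113 error code REFUSED_STREAM.
  @refused_stream 0x7
  # Toy bound standing in for HPACK's size-limited dynamic table.
  @table_entries 64

  # `header_block` is a list of {name, value} pairs standing in for an HPACK
  # fragment; "decoding" it inserts the pairs at the front of the table.
  def handle_push_promise(%__MODULE__{} = conn, promised_id, header_block) do
    # Decode first, unconditionally. Skipping this for a refused promise would
    # leave the decoder's table out of step with the server's encoder.
    table = Enum.take(Enum.reverse(header_block) ++ conn.hpack_table, @table_entries)
    conn = %{conn | hpack_table: table}

    reserved = Enum.count(conn.streams, fn {_id, s} -> s.state == :reserved_remote end)

    if reserved >= conn.max_concurrent_streams do
      # Over the limit: track nothing, hand the caller a RST_STREAM to send.
      {:refused, {:rst_stream, promised_id, @refused_stream}, conn}
    else
      stream = %{state: :reserved_remote, headers: header_block}
      {:ok, %{conn | streams: Map.put(conn.streams, promised_id, stream)}}
    end
  end
end

# Constructed input: 10_000 promises on even stream IDs, none ever fulfilled.
start = {%PushPromiseGuard{max_concurrent_streams: 100}, 0}

{conn, refused} =
  Enum.reduce(1..10_000, start, fn n, {conn, refused} ->
    case PushPromiseGuard.handle_push_promise(conn, 2 * n, [{"x-n", "#{n}"}]) do
      {:ok, conn} -> {conn, refused}
      {:refused, {:rst_stream, _id, 0x7}, conn} -> {conn, refused + 1}
    end
  end)

IO.inspect(map_size(conn.streams), label: "tracked streams")
IO.inspect(refused, label: "promises refused")
IO.inspect(hd(conn.hpack_table), label: "newest decoded header")
```

The tracked stream count stops at the limit while the newest table entry still comes from the last promise, which shows that refused promises were decoded before being reset.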

14 of 17 new or added lines in 1 file covered. (82.35%)

3 existing lines in 1 file now uncovered.

1384 of 1575 relevant lines covered (87.87%)

760.18 hits per line

Source File

93.43
/lib/mint/http2.ex
