From 881cc33da236fbcd0cb0cf6c2bfc7efcf80ede76 Mon Sep 17 00:00:00 2001
From: Niklas Keller <me@kelunik.com>
Date: Wed, 3 Apr 2024 19:45:14 +0200
Subject: [PATCH] Merge pull request from GHSA-qjfw-cvjf-f4fm

---
 src/Http2/Http2Parser.php | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/Http2/Http2Parser.php b/src/Http2/Http2Parser.php
index fab9e9d..e82a5ea 100644
--- a/src/Http2/Http2Parser.php
+++ b/src/Http2/Http2Parser.php
@@ -378,6 +378,15 @@ private function pushHeaderBlockFragment(int $streamId, string $buffer): void
         $this->headerStream = $streamId;
         $this->headerBuffer[] = $buffer;
         $this->headerLength += \strlen($buffer);
+
+        $headersTooLarge = $this->headerLength > $this->headerSizeLimit;
+
+        if ($headersTooLarge) {
+            throw new Http2ConnectionException(
+                "Headers exceed the maximum configured size of {$this->headerSizeLimit} bytes",
+                self::COMPRESSION_ERROR
+            );
+        }
     }
 
     /** @see https://http2.github.io/http2-spec/#HEADERS */