Continued attacks on HTTP/2

That's great that you had this opportunity. The first time a person taught me about the ability to overflow a buffer and execute code 30 years ago, I almost laughed, and said "you'd be lucky if that would surprisingly work", and he told me "it works more often than you think". That's when I started experimenting with it and figured how hard it was to achieve on sparc (due to switched register banks) that I wrote a generic exploitation tool for this and finally managed to get root on some systems :-) I just felt sad that it was so much ignored by teachers themselves.