]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: fd50924)
Fix length check for datagram size in quic
authorNeil Horman <nhorman@openssl.org>
Thu, 28 Nov 2024 12:42:56 +0000 (07:42 -0500)
committerNeil Horman <nhorman@openssl.org>
Mon, 17 Feb 2025 16:27:33 +0000 (11:27 -0500)
RFC says we should only accept datagrams of at least 1200 bytes, so the
check should discard anything under that, not over that

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26000)

ssl/quic/quic_port.c patch | blob | blame | history

diff --git a/ssl/quic/quic_port.c b/ssl/quic/quic_port.c
index 58dbe60b38953ba69b0b66650728bb86f39e8deb..ffe9c2947fb6384951742642df69f2323f30bddd 100644 (file)
--- a/ssl/quic/quic_port.c
+++ b/ssl/quic/quic_port.c
@@ -964,7 +964,7 @@ static void port_default_packet_handler(QUIC_URXE *e, void *arg,
          * is a minimum of 1200 bytes in size
          */
 
-        if (e->data_len >= 1200)
+        if (e->data_len < 1200)
             goto undesirable;
 
         /*
Mirror of https://github.com/openssl/openssl.git