MINOR: quic: Drop Initial packets with wrong ODCID
authorFrédéric Lécaille <flecaille@haproxy.com>
Thu, 27 Jan 2022 15:51:54 +0000 (16:51 +0100)
committerAmaury Denoyelle <adenoyelle@haproxy.com>
Fri, 28 Jan 2022 15:08:07 +0000 (16:08 +0100)
According to RFC 9000, the client ODCID must have a minimum length of 8 bytes.

include/haproxy/xprt_quic-t.h
src/xprt_quic.c

index e3eee60e1529d8b9f064b312fe62a3521f645ef5..157d81d45688e62b3a8e08cd64257cb8b91aaf40 100644 (file)
@@ -62,6 +62,8 @@ typedef unsigned long long ull;
 /* Common definitions for short and long QUIC packet headers. */
 /* QUIC connection ID maximum length for version 1. */
 #define QUIC_CID_MAXLEN               20 /* bytes */
+/* QUIC original destination connection ID minial length */
+#define QUIC_ODCID_MINLEN              8 /* bytes */
 /*
  * All QUIC packets with long headers are made of at least (in bytes):
  * flags(1), version(4), DCID length(1), DCID(0..20), SCID length(1), SCID(0..20)
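Review bot: The comment on the new `QUIC_ODCID_MINLEN` define misspells "minimal" as "minial" and does not say which packets the bound applies to. RFC 9000 section 7.2 requires at least 8 bytes only for the Destination Connection ID a client chooses for its first Initial packet; connection IDs in general may be shorter, down to zero length. I would write `/* Minimum length of the client-chosen original DCID in a first Initial packet (RFC 9000, 7.2) */` so the constant is not later reused as a general lower bound on CID length.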
index 322f11787462652d163fcafd2614d85eafa64481..a3a7bd0d6982a06ad38cb09d2fc4441e394cc507 100644 (file)
@@ -4308,6 +4308,11 @@ static ssize_t qc_lstnr_pkt_rcv(unsigned char *buf, const unsigned char *end,
                                goto err;
                        }
 
+                       if (pkt->dcid.len < QUIC_ODCID_MINLEN) {
+                               TRACE_PROTO("dropped packet", QUIC_EV_CONN_LPKT);
+                               goto err;
+                       }
+
                        pkt->saddr = dgram->saddr;
                        ipv4 = dgram->saddr.ss_family == AF_INET;
                        qc = qc_new_conn(pkt->version, ipv4,
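Review bot: The new drop on `pkt->dcid.len < QUIC_ODCID_MINLEN` logs only "dropped packet", so someone reading traces cannot tell a too-short ODCID from any other reason a packet was discarded. I would name the reason, `TRACE_PROTO("dropped Initial packet: ODCID too short", QUIC_EV_CONN_LPKT);`, and put `/* RFC 9000 7.2: the DCID of a client's first Initial must be at least 8 bytes */` above the check. The check sits just before `qc_new_conn()`, so it presumably runs only when no existing connection matched the DCID. The enclosing block starts outside the hunk, so please confirm this path is not reached for Initial packets that follow a Retry, where the DCID is chosen by the server and the 8-byte rule does not apply.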