From: Neil Horman <nhorman@openssl.org>
Date: Thu, 28 Nov 2024 12:42:56 +0000 (-0500)
Subject: Fix length check for datagram size in quic
X-Git-Tag: openssl-3.5.0-alpha1~314
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2f01b094080d2e468778ef028fa549975fd40901;p=thirdparty%2Fopenssl.git

Fix length check for datagram size in quic

RFC says we should only accept datagrams of at least 1200 bytes, so the
check should discard anything under that, not over that

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26000)
---

diff --git a/ssl/quic/quic_port.c b/ssl/quic/quic_port.c
index 58dbe60b389..ffe9c2947fb 100644
--- a/ssl/quic/quic_port.c
+++ b/ssl/quic/quic_port.c
@@ -964,7 +964,7 @@ static void port_default_packet_handler(QUIC_URXE *e, void *arg,
          * is a minimum of 1200 bytes in size
          */
 
-        if (e->data_len >= 1200)
+        if (e->data_len < 1200)
             goto undesirable;
 
         /*