From: Willy Tarreau Date: Fri, 5 Aug 2022 08:09:32 +0000 (+0200) Subject: BUG/MINOR: quic: do not reject datagrams matching minimum permitted size X-Git-Tag: v2.7-dev3~16 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=af5138fd0725a917956a7b85df9ac74f11984ceb;p=thirdparty%2Fhaproxy.git BUG/MINOR: quic: do not reject datagrams matching minimum permitted size The dgram length check in quic_get_dgram_dcid() rejects datagrams matching exactly the minimum allowed length, which doesn't seem correct. I doubt any useful packet would be that small but better fix this to avoid confusing debugging sessions in the future. This might be backported to 2.6. --- diff --git a/src/xprt_quic.c b/src/xprt_quic.c index a6e257d7af..4046b670c6 100644 --- a/src/xprt_quic.c +++ b/src/xprt_quic.c @@ -6615,7 +6615,7 @@ int quic_get_dgram_dcid(unsigned char *buf, const unsigned char *end, minlen = long_header ? QUIC_LONG_PACKET_MINLEN : QUIC_SHORT_PACKET_MINLEN + QUIC_HAP_CID_LEN + QUIC_TLS_TAG_LEN; skip = long_header ? QUIC_LONG_PACKET_DCID_OFF : QUIC_SHORT_PACKET_DCID_OFF; - if (end - buf <= minlen) + if (end - buf < minlen) goto err; buf += skip;