From: Frédéric Lécaille <flecaille@haproxy.com>
Date: Mon, 20 Feb 2023 13:43:55 +0000 (+0100)
Subject: MINOR: quic: Add a BUG_ON_HOT() call for too small datagrams
X-Git-Tag: v2.8-dev5~41
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ceb88b8f46650e6915a852828e5be7bd350fa702;p=thirdparty%2Fhaproxy.git

MINOR: quic: Add a BUG_ON_HOT() call for too small datagrams

This should be helpful to detect too small datagrams: datagrams
smaller than 1200 bytes, with Initial packets inside.

Must be backported to 2.7.
---

diff --git a/src/quic_conn.c b/src/quic_conn.c
index dbcd4db763..d8bcb76f91 100644
--- a/src/quic_conn.c
+++ b/src/quic_conn.c
@@ -3523,6 +3523,15 @@ int qc_send_ppkts(struct buffer *buf, struct ssl_sock_ctx *ctx)
 		time_sent = now_ms;
 
 		for (pkt = first_pkt; pkt; pkt = next_pkt) {
+			/* RFC 9000 14.1 Initial datagram size
+			 * a server MUST expand the payload of all UDP datagrams carrying ack-eliciting
+			 * Initial packets to at least the smallest allowed maximum datagram size of
+			 * 1200 bytes.
+			 */
+			BUG_ON_HOT(pkt->type == QUIC_PACKET_TYPE_INITIAL &&
+			           (pkt->flags & QUIC_FL_TX_PACKET_ACK_ELICITING) &&
+			           dglen < QUIC_INITIAL_PACKET_MINLEN);
+
 			pkt->time_sent = time_sent;
 			if (pkt->flags & QUIC_FL_TX_PACKET_ACK_ELICITING) {
 				pkt->pktns->tx.time_of_last_eliciting = time_sent;