From: Andrew Dinh <andrewd@openssl.org>
Date: Thu, 2 Jan 2025 03:46:06 +0000 (-0800)
Subject: Fix MARSHALLED_TOKEN_MAX_LEN
X-Git-Tag: openssl-3.5.0-alpha1~272
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=db1c857c07cb24153ba62a54c9ed95b7adb0b363;p=thirdparty%2Fopenssl.git

Fix MARSHALLED_TOKEN_MAX_LEN

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26333)
---

diff --git a/ssl/quic/quic_port.c b/ssl/quic/quic_port.c
index 6185005aecb..d477f64b1cb 100644
--- a/ssl/quic/quic_port.c
+++ b/ssl/quic/quic_port.c
@@ -82,7 +82,7 @@ typedef struct validation_token {
  *   maximally sized AF_UNIX socket)
  * - is_retry is a single byte
  */
-#define MARSHALLED_TOKEN_MAX_LEN 197
+#define MARSHALLED_TOKEN_MAX_LEN 169
 
 /*
  * Maximum length of an encrypted marshalled validation token.
@@ -760,7 +760,7 @@ static int generate_retry_token(BIO_ADDR *peer, QUIC_CONN_ID odcid,
  * @brief Marshals a validation token into a new buffer.
  *
  * |buffer| should already be allocated and at least MARSHALLED_TOKEN_MAX_LEN
- * bytes long. Stores the actual data stored in |buffer| in |buffer_len|.
+ * bytes long. Stores the length of data stored in |buffer| in |buffer_len|.
  *
  * @param token      Validation token.
  * @param buffer     Address to store the marshalled token.