From: Amaury Denoyelle Date: Tue, 12 Aug 2025 15:27:03 +0000 (+0200) Subject: BUG/MEDIUM: quic: reset padding when building GSO datagrams X-Git-Tag: v3.3-dev8~118 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=fc3ad50788ed5e5751650ff16976a25c21b38595;p=thirdparty%2Fhaproxy.git BUG/MEDIUM: quic: reset padding when building GSO datagrams qc_prep_pkts() encodes input data into QUIC packets in a loop into one or several datagrams. It supports GSO which requires to built a serie of multiple datagrams of the same length. Each packet encoding is performed via a call to qc_do_build_pkt(). This function has an argument to specify if output packet must be completed with a PADDING frame. This option is activated when qc_prep_pkts() encodes the last packet of a datagram with at least one INITIAL packet in it. Padding is resetted each time a new datagram is started. However, this was not performed if GSO is used to built the next datagram. This patch fixes it by properly resetting padding in this case also. The impact of this bug is unknown. It may have several effectfs, one of the most obvious being the insertion of unnecessary padding in packets. It could also potentially trigger an infinite loop in qc_prep_pkts(), although this has never been encountered so far. This must be backported up to 3.1. --- diff --git a/src/quic_tx.c b/src/quic_tx.c index bbeefe1cd..7c3843fc1 100644 --- a/src/quic_tx.c +++ b/src/quic_tx.c @@ -818,7 +818,7 @@ static int qc_prep_pkts(struct quic_conn *qc, struct buffer *buf, */ prv_pkt = cur_pkt; dglen = 0; - + padding = 0; } else { /* Finalize current datagram if not all frames sent. */