From: Amaury Denoyelle <adenoyelle@haproxy.com>
Date: Thu, 17 Nov 2022 09:12:52 +0000 (+0100)
Subject: BUG/MEDIUM: quic: fix memleak for out-of-order crypto data
X-Git-Tag: v2.7-dev9~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bc174b2101f5487c9ff79ddc044a2466b7da1036;p=thirdparty%2Fhaproxy.git

BUG/MEDIUM: quic: fix memleak for out-of-order crypto data

Liberate quic_enc_level ncbuf in quic_stream_free(). In most cases, this
will already be done when handshake is completed via
qc_treat_rx_crypto_frms(). However, if a connection is released before
handshake completion, a leak was present without this patch.

Under normal situation, this leak should have been limited due to the
majority of QUIC connection success on handshake. However, another bug
caused handshakes to fail too frequently, especially with chrome client.
This had the side-effect to dramatically increase this memory leak.

This should fix in part github issue #1903.
---

diff --git a/src/quic_conn.c b/src/quic_conn.c
index 7fc2ecd431..a2b42c9232 100644
--- a/src/quic_conn.c
+++ b/src/quic_conn.c
@@ -4478,6 +4478,8 @@ void quic_cstream_free(struct quic_cstream *cs)
 		return;
 	}
 
+	quic_free_ncbuf(&cs->rx.ncbuf);
+
 	qc_stream_desc_release(cs->desc);
 	pool_free(pool_head_quic_cstream, cs);
 }