From f92d816e3d5e0545dd035b9daae9032740e08100 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Fr=C3=A9d=C3=A9ric=20L=C3=A9caille?= Date: Thu, 20 Jul 2023 15:45:41 +0200 Subject: [PATCH] BUG/MINOR: quic: Missing parentheses around PTO probe variable. It is hard to analyze the impact of this bug. I guess it could lead a connection to probe infinitively (with an exponential backoff probe timeout) during an handshake, but one has never seen such a case. Add missing parentheses around ->flags of the TX packet built by qc_do_build_pkt() to detect that this packet embeds ack-eliciting frames. In this case if a probing packet was needed the ->pto_probe value of the packet number space must be decremented. Must be backported as far as 2.6. --- src/quic_conn.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/quic_conn.c b/src/quic_conn.c index a652c0f90c..76c004168a 100644 --- a/src/quic_conn.c +++ b/src/quic_conn.c @@ -8044,7 +8044,7 @@ static int qc_do_build_pkt(unsigned char *pos, const unsigned char *end, /* If this packet is ack-eliciting and we are probing let's * decrement the PTO probe counter. */ - if (pkt->flags & QUIC_FL_TX_PACKET_ACK_ELICITING && + if ((pkt->flags & QUIC_FL_TX_PACKET_ACK_ELICITING) && qel->pktns->tx.pto_probe) qel->pktns->tx.pto_probe--; -- 2.47.3