From 676b849d37c9c6ef1dadbc588c484a5fadc3f8cd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20L=C3=A9caille?= <flecaille@haproxy.com>
Date: Thu, 10 Mar 2022 10:38:20 +0100
Subject: [PATCH] BUG/MINOR: quic: Missing check when setting the
 anti-amplification limit as reached

Ensure the peer address is not validated before setting the anti-amplication
limit as reached.
---
 src/xprt_quic.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/xprt_quic.c b/src/xprt_quic.c
index bb35f7040..15b7ddd2f 100644
--- a/src/xprt_quic.c
+++ b/src/xprt_quic.c
@@ -5193,7 +5193,7 @@ static struct quic_tx_packet *qc_build_pkt(unsigned char **pos,
 	/* Consume a packet number */
 	qel->pktns->tx.next_pn++;
 	qc->tx.prep_bytes += pkt->len;
-	if (qc->tx.prep_bytes >= 3 * qc->rx.bytes)
+	if (qc->tx.prep_bytes >= 3 * qc->rx.bytes && !quic_peer_validated_addr(qc))
 		HA_ATOMIC_OR(&qc->flags, QUIC_FL_CONN_ANTI_AMPLIFICATION_REACHED);
 	/* Now that a correct packet is built, let us consume <*pos> buffer. */
 	*pos = end;