From 6befccd8a15c1bfb4d70627a1d4569c1c57f05f5 Mon Sep 17 00:00:00 2001 From: Amaury Denoyelle Date: Fri, 1 Jul 2022 11:26:04 +0200 Subject: [PATCH] BUG/MINOR: mux-quic: do not signal FIN if gap in buffer Adjust FIN signal on Rx path for the application layer : ensure that the receive buffer has no gap. Without this extra condition, FIN was signalled as soon as the STREAM frame with FIN was received, even if we were still waiting to receive missing offsets. This bug could have lead to incomplete requests read from the application protocol. However, in practice this bug has very little chance to happen as the application layer ensures that the demuxed frame length is equivalent to the buffer data size. The only way to happen is if to receive the FIN STREAM as the H3 demuxer is still processing on a frame which is not the last one of the stream. This must be backported up to 2.6. The previous patch on ncbuf is required for the newly defined function ncb_is_fragmented(). MINOR: ncbuf: implement ncb_is_fragmented() --- src/mux_quic.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/src/mux_quic.c b/src/mux_quic.c index 85fb620bf..455b43e48 100644 --- a/src/mux_quic.c +++ b/src/mux_quic.c @@ -439,11 +439,19 @@ static int qcc_decode_qcs(struct qcc *qcc, struct qcs *qcs) { struct buffer b; ssize_t ret; + int fin = 0; TRACE_ENTER(QMUX_EV_QCS_RECV, qcc->conn, qcs); b = qcs_b_dup(&qcs->rx.ncbuf); - ret = qcc->app_ops->decode_qcs(qcs, &b, qcs->flags & QC_SF_FIN_RECV); + + /* Signal FIN to application if STREAM FIN received and there is no gap + * in the Rx buffer. + */ + if (qcs->flags & QC_SF_FIN_RECV && !ncb_is_fragmented(&qcs->rx.ncbuf)) + fin = 1; + + ret = qcc->app_ops->decode_qcs(qcs, &b, fin); if (ret < 0) { TRACE_DEVEL("leaving on decoding error", QMUX_EV_QCS_RECV, qcc->conn, qcs); return 1;