mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-20 21:31:28 +02:00
Code Issues Projects Releases Wiki Activity

BUG/MEDIUM: quic-be: avoid crashes when releasing Initial pktns

Browse Source 
This bug arrived with this fix:

    BUG/MINOR: quic-be: missing Initial packet number space discarding

leading to crashes when dereferencing ->ipktns.

Such crashes could be reproduced with -dMfail option. To reach them, the
memory allocations must fail. So, this is relatively rare, except on systems
with limited memory.

To fix this, do not call quic_pktns_discard() if ->ipktns is NULL.

No need to backport.
This commit is contained in:
Frederic Lecaille 2025-08-26 10:26:14 +02:00
parent c36e4fb17f
commit 729196fbed
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/quic_conn.c
View File

@ -916,7 +916,7 @@ struct task *quic_conn_io_cb(struct task *t, void *context, unsigned int state)
* discard Initial keys when it first sends a Handshake packet... * discard Initial keys when it first sends a Handshake packet...
*/ */
if (qc_is_back(qc) && !quic_tls_pktns_is_dcd(qc, qc->ipktns) && if (qc_is_back(qc) && qc->ipktns && !quic_tls_pktns_is_dcd(qc, qc->ipktns) &&
qc->hpktns && qc->hpktns->tx.in_flight > 0) { qc->hpktns && qc->hpktns->tx.in_flight > 0) {
/* Discard the Initial packet number space. */ /* Discard the Initial packet number space. */
TRACE_PROTO("discarding Initial pktns", QUIC_EV_CONN_PRSHPKT, qc); TRACE_PROTO("discarding Initial pktns", QUIC_EV_CONN_PRSHPKT, qc);