BUG/MINOR: quic: use proper error code on invalid received TP value

As per RFC 9000, checks must be implemented to reject invalid values for
received transport parameters. Such values are dependent on the
parameter type.

Checks were already implemented for ack_delay_exponent and
active_connection_id_limit, accordingly with the QUIC specification.
However, the connection was closed with an incorrect error code. Fix
this to ensure that TRANSPORT_PARAMETER_ERROR code is used as expected.

This should be backported up to 2.6. Note that it relies on the previous
patch "MINOR: quic: extend return value on TP parsing".
Amaury Denoyelle 2025-05-06 18:00:43 +02:00
parent 10f1f1adce
commit b60a17aad7


@ -336,9 +336,17 @@ quic_transport_param_decode(struct quic_transport_params *p, int server,
return QUIC_TP_DEC_ERR_TRUNC; return QUIC_TP_DEC_ERR_TRUNC;
break; break;
case QUIC_TP_ACK_DELAY_EXPONENT: case QUIC_TP_ACK_DELAY_EXPONENT:
if (!quic_dec_int(&p->ack_delay_exponent, buf, end) || if (!quic_dec_int(&p->ack_delay_exponent, buf, end))
p->ack_delay_exponent > QUIC_TP_ACK_DELAY_EXPONENT_LIMIT)
return QUIC_TP_DEC_ERR_TRUNC; return QUIC_TP_DEC_ERR_TRUNC;
/* RFC 9000 18.2. Transport Parameter Definitions
*
* ack_delay_exponent (0x0a): [...]
* Values above 20 are invalid.
*/
if (p->ack_delay_exponent > QUIC_TP_ACK_DELAY_EXPONENT_LIMIT)
return QUIC_TP_DEC_ERR_INVAL;
break; break;
case QUIC_TP_MAX_ACK_DELAY: case QUIC_TP_MAX_ACK_DELAY:
if (!quic_dec_int(&p->max_ack_delay, buf, end) || if (!quic_dec_int(&p->max_ack_delay, buf, end) ||
@ -656,12 +664,16 @@ quic_transport_params_decode(struct quic_transport_params *p, int server,
return QUIC_TP_DEC_ERR_INVAL; return QUIC_TP_DEC_ERR_INVAL;
} }
/* Note that if not received by the peer, active_connection_id_limit will /* RFC 9000 18.2. Transport Parameter Definitions
* have QUIC_TP_DFLT_ACTIVE_CONNECTION_ID_LIMIT as default value. This *
* is also the minimum value for this transport parameter. * active_connection_id_limit (0x0e):
* [...] The value of the
* active_connection_id_limit parameter MUST be at least 2. An
* endpoint that receives a value less than 2 MUST close the
* connection with an error of type TRANSPORT_PARAMETER_ERROR.
*/ */
if (p->active_connection_id_limit < QUIC_TP_DFLT_ACTIVE_CONNECTION_ID_LIMIT) if (p->active_connection_id_limit < QUIC_TP_DFLT_ACTIVE_CONNECTION_ID_LIMIT)
return QUIC_TP_DEC_ERR_TRUNC; return QUIC_TP_DEC_ERR_INVAL;
return QUIC_TP_DEC_ERR_NONE; return QUIC_TP_DEC_ERR_NONE;
} }
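Review bot: The QUIC_TP_MAX_ACK_DELAY case at the end of the first hunk still uses the combined `if (!quic_dec_int(&p->max_ack_delay, buf, end) ||` form that this commit splits apart for ack_delay_exponent. Its second operand and return statement lie outside the hunk, so this is inferred, but if that operand is a range check, an out-of-range max_ack_delay presumably still returns QUIC_TP_DEC_ERR_TRUNC rather than QUIC_TP_DEC_ERR_INVAL. I would split it the same way: keep `return QUIC_TP_DEC_ERR_TRUNC;` for a failed quic_dec_int() and add a separate range test ending in `return QUIC_TP_DEC_ERR_INVAL;`, with a comment citing the RFC 9000 18.2 rule for max_ack_delay. In the second hunk the rewritten comment no longer explains that QUIC_TP_DFLT_ACTIVE_CONNECTION_ID_LIMIT is both the default and the minimum, which is the only reason a default constant is used in a minimum check; a line such as `/* the default value is also the RFC minimum */` would keep that.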