mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-23 23:01:24 +02:00
Code Issues Projects Releases Wiki Activity

BUG/MINOR: quic: fix crash on handshake io-cb for null next enc level

Browse Source 
When arriving at the handshake completion, next encryption level will be
null on quic_conn_io_cb(). Thus this must be check this before
dereferencing it via qc_need_sending() to prevent a crash.

This was reproduced quickly when browsing over a local nextcloud
instance through QUIC with firefox.

This has been introduced in the current dev with quic-conn Tx
refactoring. No need to backport it.
This commit is contained in:
Amaury Denoyelle 2022-08-09 17:52:52 +02:00
parent 96ca1b7c39
commit f0f92b2db8
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/xprt_quic.c
View File

@ -3961,8 +3961,10 @@ struct task *quic_conn_io_cb(struct task *t, void *context, unsigned int state)
if (!quic_get_tls_enc_levels(&tel, &next_tel, st, 0)) if (!quic_get_tls_enc_levels(&tel, &next_tel, st, 0))
goto err; goto err;
if (!qc_need_sending(qc, qel) && !qc_need_sending(qc, next_qel)) if (!qc_need_sending(qc, qel) &&
(!next_qel || !qc_need_sending(qc, next_qel))) {
goto skip_send; goto skip_send;
}
buf = qc_txb_alloc(qc); buf = qc_txb_alloc(qc);
if (!buf) if (!buf)