]> git.kaiwu.me - nginx.git/commit
QUIC: removed check for packet size beyond MAX_UDP_PAYLOAD_SIZE.
authorSergey Kandaurov <pluknet@nginx.com>
Tue, 8 Sep 2020 10:35:50 +0000 (13:35 +0300)
committerSergey Kandaurov <pluknet@nginx.com>
Tue, 8 Sep 2020 10:35:50 +0000 (13:35 +0300)
commit786a74e34ec89d0e78b95f2524dff68bf6235923
tree1d72e0975ebf68a118f68d216624df3e337ec048
parentd8360f912ac2eeb0103c2781d450b7735d7894ba
QUIC: removed check for packet size beyond MAX_UDP_PAYLOAD_SIZE.

The check tested the total size of a packet header and unprotected packet
payload, which doesn't include the packet number length and expansion of
the packet protection AEAD.  If the packet was corrupted, it could cause
false triggering of the condition due to unsigned type underflow leading
to a connection error.

Existing checks for the QUIC header and protected packet payload lengths
should be enough.
src/event/ngx_event_quic_protection.c