diff options
author | Hugo Landau <hlandau@openssl.org> | 2023-06-06 16:25:11 +0100 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2023-07-17 08:17:57 +1000 |
commit | 283938fca59a7930a28e748e8ab7c2d15281c681 (patch) | |
tree | c635fef243213082cb9168112d194edda07a9436 | |
parent | 212616ed098bcf1190b6f687b234393b33168ba9 (diff) |
RFC 9000 s. 19.8: Enforce maximum stream size
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
-rw-r--r-- | ssl/quic/quic_rx_depack.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/ssl/quic/quic_rx_depack.c b/ssl/quic/quic_rx_depack.c index 6e2067f451..c75363d038 100644 --- a/ssl/quic/quic_rx_depack.c +++ b/ssl/quic/quic_rx_depack.c @@ -519,6 +519,21 @@ static int depack_do_frame_stream(PACKET *pkt, QUIC_CHANNEL *ch, return 0; } + /* + * RFC 9000 s. 19.8: "The largest offset delivered on a stream -- the sum of + * the offset and data length -- cannot exceed 2**62 - 1, as it is not + * possible to provide flow control credit for that data. Receipt of a frame + * that exceeds this limit MUST be treated as a connection error of type + * FRAME_ENCODING_ERROR or FLOW_CONTROL_ERROR." + */ + if (frame_data.offset + frame_data.len > (((uint64_t)1) << 62) - 1) { + ossl_quic_channel_raise_protocol_error(ch, + QUIC_ERR_FRAME_ENCODING_ERROR, + frame_type, + "oversize stream"); + return 0; + } + switch (stream->recv_state) { case QUIC_RSTREAM_STATE_RECV: case QUIC_RSTREAM_STATE_SIZE_KNOWN: |