QUIC LCIDM: Enforce and document ODCID peculiarities

Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22673)
author: Hugo Landau <hlandau@openssl.org> 2023-11-06 08:43:03 +0000
committer: Hugo Landau <hlandau@openssl.org> 2023-12-06 10:40:11 +0000
commit: a35956b2f7749a8c7a199bdb416a02912d6e33e3 (patch)
tree: a0430e0bce7901dca5cd86082e2c28a393daed75 /ssl
parent: 11841571ff04d3c67e58caf3ca0ca02ec5e3812a (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/ssl/quic/quic_lcidm.c b/ssl/quic/quic_lcidm.c
index 5c956e4edd..af61292e57 100644
--- a/ssl/quic/quic_lcidm.c
+++ b/ssl/quic/quic_lcidm.c
@@ -318,7 +318,8 @@ int ossl_quic_lcidm_enrol_odcid(QUIC_LCIDM *lcidm,
     QUIC_LCIDM_CONN *conn;
     QUIC_LCID key, *lcid_obj;
 
-    if (initial_odcid == NULL)
+    if (initial_odcid == NULL || initial_odcid->id_len < QUIC_MIN_ODCID_LEN
+        || initial_odcid->id_len > QUIC_MAX_CONN_ID_LEN)
         return 0;
 
     if ((conn = lcidm_upsert_conn(lcidm, opaque)) == NULL)
author	Hugo Landau <hlandau@openssl.org>	2023-11-06 08:43:03 +0000
committer	Hugo Landau <hlandau@openssl.org>	2023-12-06 10:40:11 +0000
commit	a35956b2f7749a8c7a199bdb416a02912d6e33e3 (patch)
tree	a0430e0bce7901dca5cd86082e2c28a393daed75 /ssl
parent	11841571ff04d3c67e58caf3ca0ca02ec5e3812a (diff)