diff options
author | Hugo Landau <hlandau@openssl.org> | 2023-06-06 16:25:12 +0100 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2023-07-17 08:17:57 +1000 |
commit | e26dc8e3d54a414ba9dc85f54e13112617e32556 (patch) | |
tree | 49b3ec5dad53c98231bd7265ef528ab530f7b026 /ssl | |
parent | 3ffb7d104f618262175283f26275b8be61e27467 (diff) |
QUIC Conformance: Frame Handling Tests
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/quic/quic_channel.c | 1 | ||||
-rw-r--r-- | ssl/quic/quic_rx_depack.c | 15 | ||||
-rw-r--r-- | ssl/quic/quic_wire.c | 12 |
3 files changed, 11 insertions, 17 deletions
diff --git a/ssl/quic/quic_channel.c b/ssl/quic/quic_channel.c index c0ce222d86..30b5faf24b 100644 --- a/ssl/quic/quic_channel.c +++ b/ssl/quic/quic_channel.c @@ -2629,7 +2629,6 @@ void ossl_quic_channel_on_new_conn_id(QUIC_CHANNEL *ch, return; /* We allow only two active connection ids; first check some constraints */ - if (ch->cur_remote_dcid.id_len == 0) { /* Changing from 0 length connection id is disallowed */ ossl_quic_channel_raise_protocol_error(ch, diff --git a/ssl/quic/quic_rx_depack.c b/ssl/quic/quic_rx_depack.c index 11404f3146..58d2fc4596 100644 --- a/ssl/quic/quic_rx_depack.c +++ b/ssl/quic/quic_rx_depack.c @@ -515,21 +515,6 @@ static int depack_do_frame_stream(PACKET *pkt, QUIC_CHANNEL *ch, return 0; } - /* - * RFC 9000 s. 19.8: "The largest offset delivered on a stream -- the sum of - * the offset and data length -- cannot exceed 2**62 - 1, as it is not - * possible to provide flow control credit for that data. Receipt of a frame - * that exceeds this limit MUST be treated as a connection error of type - * FRAME_ENCODING_ERROR or FLOW_CONTROL_ERROR." - */ - if (frame_data.offset + frame_data.len > (((uint64_t)1) << 62) - 1) { - ossl_quic_channel_raise_protocol_error(ch, - QUIC_ERR_FRAME_ENCODING_ERROR, - frame_type, - "oversize stream"); - return 0; - } - switch (stream->recv_state) { case QUIC_RSTREAM_STATE_RECV: case QUIC_RSTREAM_STATE_SIZE_KNOWN: diff --git a/ssl/quic/quic_wire.c b/ssl/quic/quic_wire.c index 2412e9afa5..22214069ec 100644 --- a/ssl/quic/quic_wire.c +++ b/ssl/quic/quic_wire.c @@ -318,7 +318,8 @@ int ossl_quic_wire_encode_frame_streams_blocked(WPACKET *pkt, int ossl_quic_wire_encode_frame_new_conn_id(WPACKET *pkt, const OSSL_QUIC_FRAME_NEW_CONN_ID *f) { - if (f->conn_id.id_len > QUIC_MAX_CONN_ID_LEN) + if (f->conn_id.id_len < 1 + || f->conn_id.id_len > QUIC_MAX_CONN_ID_LEN) return 0; if (!encode_frame_hdr(pkt, OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID) @@ -683,6 +684,14 @@ int ossl_quic_wire_decode_frame_stream(PACKET *pkt, f->len = PACKET_remaining(pkt); } + /* + * RFC 9000 s. 19.8: "The largest offset delivered on a stream -- the sum of + * the offset and data length -- cannot exceed 2**62 - 1, as it is not + * possible to provide flow control credit for that data." + */ + if (f->offset + f->len > (((uint64_t)1) << 62) - 1) + return 0; + if (nodata) { f->data = NULL; } else { @@ -774,6 +783,7 @@ int ossl_quic_wire_decode_frame_new_conn_id(PACKET *pkt, || !PACKET_get_quic_vlint(pkt, &f->retire_prior_to) || f->seq_num < f->retire_prior_to || !PACKET_get_1(pkt, &len) + || len < 1 || len > QUIC_MAX_CONN_ID_LEN) return 0; |