From 4145bcc8a72621d81625831dad2db9381165ba9e Mon Sep 17 00:00:00 2001
From: Marten Seemann <martenseemann@gmail.com>
Date: Mon, 26 Nov 2018 15:45:21 +0700
Subject: [PATCH] reject a header if the 0x40 bit of the first bit is not set

This doesn't apply to the version negotiation packet.
---
 internal/wire/header.go      |  8 +++++++-
 internal/wire/header_test.go | 18 ++++++++++++++++++
 2 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/internal/wire/header.go b/internal/wire/header.go
index c6b449098..c1efafc6a 100644
--- a/internal/wire/header.go
+++ b/internal/wire/header.go
@@ -2,6 +2,7 @@ package wire
 
 import (
 	"bytes"
+	"errors"
 	"io"
 
 	"github.com/lucas-clemente/quic-go/internal/protocol"
@@ -42,7 +43,6 @@ func ParseHeader(b *bytes.Reader, shortHeaderConnIDLen int) (*Header, error) {
 	return h, nil
 }
 
-// TODO: check that typeByte&0x40 == 0
 func parseHeaderImpl(b *bytes.Reader, shortHeaderConnIDLen int) (*Header, error) {
 	typeByte, err := b.ReadByte()
 	if err != nil {
@@ -55,6 +55,9 @@ func parseHeaderImpl(b *bytes.Reader, shortHeaderConnIDLen int) (*Header, error)
 	}
 
 	if !h.IsLongHeader {
+		if h.typeByte&0x40 == 0 {
+			return nil, errors.New("not a QUIC packet")
+		}
 		if err := h.parseShortHeader(b, shortHeaderConnIDLen); err != nil {
 			return nil, err
 		}
@@ -78,6 +81,9 @@ func (h *Header) parseLongHeader(b *bytes.Reader) error {
 		return err
 	}
 	h.Version = protocol.VersionNumber(v)
+	if !h.IsVersionNegotiation() && h.typeByte&0x40 == 0 {
+		return errors.New("not a QUIC packet")
+	}
 	connIDLenByte, err := b.ReadByte()
 	if err != nil {
 		return err
diff --git a/internal/wire/header_test.go b/internal/wire/header_test.go
index 62b7a48eb..8be3a78fd 100644
--- a/internal/wire/header_test.go
+++ b/internal/wire/header_test.go
@@ -101,6 +101,17 @@ var _ = Describe("Header Parsing", func() {
 			Expect(b.Len()).To(BeZero())
 		})
 
+		It("errors if 0x40 is not set", func() {
+			data := []byte{
+				0x80 | 0x2<<4,
+				0x11,                   // connection ID lengths
+				0xde, 0xca, 0xfb, 0xad, // dest conn ID
+				0xde, 0xad, 0xbe, 0xef, // src conn ID
+			}
+			_, err := ParseHeader(bytes.NewReader(data), 0)
+			Expect(err).To(MatchError("not a QUIC packet"))
+		})
+
 		It("stops parsing when encountering an unsupported version", func() {
 			data := []byte{
 				0xc0,
@@ -259,6 +270,13 @@ var _ = Describe("Header Parsing", func() {
 			Expect(b.Len()).To(BeZero())
 		})
 
+		It("errors if 0x40 is not set", func() {
+			connID := protocol.ConnectionID{0xde, 0xad, 0xbe, 0xef, 0xca, 0xfe, 0x13, 0x37}
+			data := append([]byte{0x0}, connID...)
+			_, err := ParseHeader(bytes.NewReader(data), 8)
+			Expect(err).To(MatchError("not a QUIC packet"))
+		})
+
 		It("reads a Short Header with a 5 byte connection ID", func() {
 			connID := protocol.ConnectionID{1, 2, 3, 4, 5}
 			data := append([]byte{0x40}, connID...)