forked from quic-go/quic-go
reject version negotiation packets with an empty version list
This commit is contained in:
Marten Seemann
@@ -60,6 +60,9 @@ func parseLongHeader(b *bytes.Reader, packetSentBy protocol.Perspective, typeByt
|
|||||||
if packetSentBy == protocol.PerspectiveClient {
|
if packetSentBy == protocol.PerspectiveClient {
|
||||||
return nil, qerr.Error(qerr.InvalidVersionNegotiationPacket, "sent by the client")
|
return nil, qerr.Error(qerr.InvalidVersionNegotiationPacket, "sent by the client")
|
||||||
}
|
}
|
||||||
|
if b.Len() == 0 {
|
||||||
|
return nil, qerr.Error(qerr.InvalidVersionNegotiationPacket, "empty version list")
|
||||||
|
}
|
||||||
h.SupportedVersions = make([]protocol.VersionNumber, b.Len()/4)
|
h.SupportedVersions = make([]protocol.VersionNumber, b.Len()/4)
|
||||||
for i := 0; b.Len() > 0; i++ {
|
for i := 0; b.Len() > 0; i++ {
|
||||||
v, err := utils.BigEndian.ReadUint32(b)
|
v, err := utils.BigEndian.ReadUint32(b)
|
||||||
|
|||||||
@@ -78,6 +78,12 @@ var _ = Describe("Header", func() {
|
|||||||
_, err := ParseHeader(b, protocol.PerspectiveClient)
|
_, err := ParseHeader(b, protocol.PerspectiveClient)
|
||||||
Expect(err).To(MatchError("InvalidVersionNegotiationPacket: sent by the client"))
|
Expect(err).To(MatchError("InvalidVersionNegotiationPacket: sent by the client"))
|
||||||
})
|
})
|
||||||
|
|
||||||
|
It("errors if the version list is emtpy", func() {
|
||||||
|
b := bytes.NewReader(data)
|
||||||
|
_, err := ParseHeader(b, protocol.PerspectiveServer)
|
||||||
|
Expect(err).To(MatchError("InvalidVersionNegotiationPacket: empty version list"))
|
||||||
|
})
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
|
||||||
|
|||||||
@@ -205,6 +205,9 @@ func ParsePublicHeader(b *bytes.Reader, packetSentBy protocol.Perspective, versi
|
|||||||
// Version (optional)
|
// Version (optional)
|
||||||
if !header.ResetFlag && header.VersionFlag {
|
if !header.ResetFlag && header.VersionFlag {
|
||||||
if packetSentBy == protocol.PerspectiveServer { // parse the version negotiaton packet
|
if packetSentBy == protocol.PerspectiveServer { // parse the version negotiaton packet
|
||||||
|
if b.Len() == 0 {
|
||||||
|
return nil, qerr.Error(qerr.InvalidVersionNegotiationPacket, "empty version list")
|
||||||
|
}
|
||||||
if b.Len()%4 != 0 {
|
if b.Len()%4 != 0 {
|
||||||
return nil, qerr.InvalidVersionNegotiationPacket
|
return nil, qerr.InvalidVersionNegotiationPacket
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -145,14 +145,10 @@ var _ = Describe("Public Header", func() {
|
|||||||
Expect(b.Len()).To(BeZero())
|
Expect(b.Len()).To(BeZero())
|
||||||
})
|
})
|
||||||
|
|
||||||
It("parses a version negotiation packet that contains 0 versions", func() {
|
It("errors if it doesn't contain any versions", func() {
|
||||||
b := bytes.NewReader([]byte{0x9, 0xf6, 0x19, 0x86, 0x66, 0x9b, 0x9f, 0xfa, 0x4c})
|
b := bytes.NewReader([]byte{0x9, 0xf6, 0x19, 0x86, 0x66, 0x9b, 0x9f, 0xfa, 0x4c})
|
||||||
hdr, err := ParsePublicHeader(b, protocol.PerspectiveServer, protocol.VersionUnknown)
|
_, err := ParsePublicHeader(b, protocol.PerspectiveServer, protocol.VersionUnknown)
|
||||||
Expect(err).ToNot(HaveOccurred())
|
Expect(err).To(MatchError("InvalidVersionNegotiationPacket: empty version list"))
|
||||||
Expect(hdr.VersionFlag).To(BeTrue())
|
|
||||||
Expect(hdr.VersionNumber).To(BeZero()) // unitialized
|
|
||||||
Expect(hdr.SupportedVersions).To(BeEmpty())
|
|
||||||
Expect(b.Len()).To(BeZero())
|
|
||||||
})
|
})
|
||||||
|
|
||||||
It("reads version negotiation packets containing unsupported versions", func() {
|
It("reads version negotiation packets containing unsupported versions", func() {
|
||||||
|
|||||||
Reference in New Issue
Block a user