CERBERUS/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2026-05-13 09:36:42 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

QUIC: limited size of generated Stateless Reset packets.

Browse source 
Made sure to send packets smaller than the triggering packet,
following RFC 9000, Section 10.3.3.

Reported-by: cyberspace61
This commit is contained in:
Sergey Kandaurov 2026-02-20 18:52:56 +04:00 committed by Sergey Kandaurov
parent 2c7252dcad
commit 4037746c80
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/event/quic/ngx_event_quic_output.c
View file

@ -839,13 +839,13 @@ ngx_quic_send_stateless_reset(ngx_connection_t *c, ngx_quic_conf_t *conf,
len = pkt->len - 1;
} else {
max = ngx_min(NGX_QUIC_MAX_SR_PACKET, pkt->len * 3);
max = ngx_min(NGX_QUIC_MAX_SR_PACKET, pkt->len);
if (RAND_bytes((u_char *) &rndbytes, sizeof(rndbytes)) != 1) {
return NGX_ERROR;
}
len = (rndbytes % (max - NGX_QUIC_MIN_SR_PACKET + 1))
len = (rndbytes % (max - NGX_QUIC_MIN_SR_PACKET))
+ NGX_QUIC_MIN_SR_PACKET;
}