🐞 fix(parse_quic_uncryption_payload): 增加长度判断，修复长度异常时造成的内存非法读

附test/pcap/quic_len-2.pcapng为解析长度异常的包
2023-07-28 23:24:57 +08:00
parent 1b678406e7
commit 4d731800bf
2 changed files with 5 additions and 1 deletions
--- a/src/quic_process.cpp
+++ b/src/quic_process.cpp
@@ -778,7 +778,11 @@ unsigned char parse_quic_all_version(struct quic_info *quic_info, const char *pa
 	
 	if(quic_version>=GQUIC_VERSION_Q001 && quic_version<=GQUIC_VERSION_Q048)
 	{
-		return parse_quic_uncryption_payload(quic_info, payload+payload_offset, payload_len-payload_offset, thread_seq);
+		if(payload_len > payload_offset)
+		{
+			return parse_quic_uncryption_payload(quic_info, payload+payload_offset, payload_len-payload_offset, thread_seq);
+		}
+		return PARSE_RESULT_VERSION;
 	}
 	else if(((quic_version>=MVFST_VERSION_00 && quic_version<=MVFST_VERSION_0F)		||
 						(quic_version>=GQUIC_VERSION_Q049 && quic_version<=GQUIC_VERSION_Q059)	||
--- a/test/pcap/quic_len_-2.pcapng
+++ b/test/pcap/quic_len_-2.pcapng