Google Git
Sign in
quiche / quiche.git / 855d2175fa0417c8b694d16ed9541f966a579f2a
commit855d2175fa0417c8b694d16ed9541f966a579f2a[log] [tgz]
authornharper <nharper@google.com>Thu May 02 16:17:46 2019 -0700
committerCopybara-Service <copybara-worker@google.com>Thu May 02 16:38:13 2019 -0700
tree104f794a96c734e40dae143a51d827e3bb38cc26
parentf44024e20590c7dd2ee4a40c0e4b745e1238ca50 [diff]
Harden QuicFramer::DecryptPayload to avoid dereferencing bad EncryptionLevels

This was originally dschinazi's cl/246356749

This provides another layer of defense for fixing the bugs also fixed by
cl/246391380.

gfe-relnote: Add bounds checks to QuicFramer::DecryptPayload; not flag protected
PiperOrigin-RevId: 246411510
Change-Id: Ibe6c71327716e56a465ef88e9d24018b6db93b77
2 files changed
tree: 104f794a96c734e40dae143a51d827e3bb38cc26
  1. common/
  2. epoll_server/
  3. http2/
  4. quic/
  5. spdy/
  6. CONTRIBUTING.md
  7. LICENSE
  8. README.md
README.md

QUICHE

QUICHE (QUIC, Http/2, Etc) is Google‘s implementation of QUIC and related protocols. It powers Chromium as well as Google’s QUIC servers and some other projects.

The code is currently in process of being moved from https://cs.chromium.org/chromium/src/net/third_party/ into this repository. Please excuse our appearance while we're under construction.