commit e8d7fa7f6d944a8144585ace7a028f444deef721
author dschinazi <dschinazi@google.com> Fri Apr 05 14:44:40 2019 -0700
committer Copybara-Service <copybara-worker@google.com> Fri Apr 05 14:45:06 2019 -0700
tree 9efc08266a32432639124f473da33a2df46244fb
parent 07cc9389a43dc4391ff46d49ec8c4555ec07bc64

Increase maximum size of allowed incoming packets and remove incorrect QUIC_BUG

The current code would trigger a QUIC_BUG if we received a packet over 1452 bytes long. This CL increases that limit to 1472 and makes sure we fail gracefully by dropping the packet with error QUIC_PACKET_TOO_LARGE instead of triggering a QUIC_BUG.

gfe-relnote: minor change to handling of large packets (which we do not send), not flag protected
PiperOrigin-RevId: 242197597
Change-Id: Ia42288b44f3e26e0e28ab60485da9e0b570f2048

quic/core/quic_framer.cc

diff --git a/quic/core/quic_framer.cc b/quic/core/quic_framer.cc
index ca53ca4..f170cbc 100644
--- a/quic/core/quic_framer.cc
+++ b/quic/core/quic_framer.cc
@@ -27,6 +27,7 @@
 #include "net/third_party/quiche/src/quic/core/quic_utils.h"
 #include "net/third_party/quiche/src/quic/core/quic_versions.h"
 #include "net/third_party/quiche/src/quic/platform/api/quic_aligned.h"
+#include "net/third_party/quiche/src/quic/platform/api/quic_arraysize.h"
 #include "net/third_party/quiche/src/quic/platform/api/quic_bug_tracker.h"
 #include "net/third_party/quiche/src/quic/platform/api/quic_client_stats.h"
 #include "net/third_party/quiche/src/quic/platform/api/quic_endian.h"
@@ -1560,15 +1561,16 @@
     rv = ProcessVersionNegotiationPacket(&reader, header);
   } else if (header.reset_flag) {
     rv = ProcessPublicResetPacket(&reader, header);
-  } else if (packet.length() <= kMaxPacketSize) {
+  } else if (packet.length() <= kMaxIncomingPacketSize) {
     // The optimized decryption algorithm implementations run faster when
     // operating on aligned memory.
-    QUIC_CACHELINE_ALIGNED char buffer[kMaxPacketSize];
+    QUIC_CACHELINE_ALIGNED char buffer[kMaxIncomingPacketSize];
     if (packet_has_ietf_packet_header) {
       rv = ProcessIetfDataPacket(&reader, &header, packet, buffer,
-                                 kMaxPacketSize);
+                                 QUIC_ARRAYSIZE(buffer));
     } else {
-      rv = ProcessDataPacket(&reader, &header, packet, buffer, kMaxPacketSize);
+      rv = ProcessDataPacket(&reader, &header, packet, buffer,
+                             QUIC_ARRAYSIZE(buffer));
     }
   } else {
     std::unique_ptr<char[]> large_buffer(new char[packet.length()]);
@@ -1580,7 +1582,8 @@
                              packet.length());
     }
     QUIC_BUG_IF(rv) << "QUIC should never successfully process packets larger"
-                    << "than kMaxPacketSize. packet size:" << packet.length();
+                    << "than kMaxIncomingPacketSize. packet size:"
+                    << packet.length();
   }
   return rv;
 }
@@ -1857,9 +1860,8 @@
     return true;
   }
 
-  if (packet.length() > kMaxPacketSize) {
-    // If the packet has gotten this far, it should not be too large.
-    QUIC_BUG << "Packet too large:" << packet.length();
+  if (packet.length() > kMaxIncomingPacketSize) {
+    set_detailed_error("Packet too large.");
     return RaiseError(QUIC_PACKET_TOO_LARGE);
   }
 
@@ -1936,9 +1938,8 @@
     return true;
   }
 
-  if (packet.length() > kMaxPacketSize) {
-    // If the packet has gotten this far, it should not be too large.
-    QUIC_BUG << "Packet too large:" << packet.length();
+  if (packet.length() > kMaxIncomingPacketSize) {
+    set_detailed_error("Packet too large.");
     return RaiseError(QUIC_PACKET_TOO_LARGE);
   }