Google Git
Sign in
quiche / quiche / b953d02e8bbaf798302bd33645a8e8d537ac8884^! / . / quic / core / quic_utils.cc
commitb953d02e8bbaf798302bd33645a8e8d537ac8884[log] [tgz]
authordschinazi <dschinazi@google.com>Thu Aug 01 18:05:58 2019 -0700
committerCopybara-Service <copybara-worker@google.com>Fri Aug 02 06:20:58 2019 -0700
treec30f124982e7d95e02ff310dd02079b00341411c
parent914536425ee6193b2b60169389574eb8c56435e0 [diff] [blame]
Add connection ID length checks

These changes only impact behavior for versions that support variable length connection IDs, and all of those versions are disabled by flags, so we don't need extra flag protection.

gfe-relnote: add connection ID length checks, protected by disabled quic_enable_v47 flag
PiperOrigin-RevId: 261237221
Change-Id: I89e7bec58644b7ec18e3c7ce3ecbd6d93c9c0fc3

diff --git a/quic/core/quic_utils.cc b/quic/core/quic_utils.cc
index a9de14a..4ff7489 100644
--- a/quic/core/quic_utils.cc
+++ b/quic/core/quic_utils.cc

@@ -505,18 +505,12 @@
 QuicConnectionId QuicUtils::CreateRandomConnectionId(
     uint8_t connection_id_length,
     QuicRandom* random) {
-  if (connection_id_length == 0) {
-    return EmptyQuicConnectionId();
+  QuicConnectionId connection_id;
+  connection_id.set_length(connection_id_length);
+  if (connection_id.length() > 0) {
+    random->RandBytes(connection_id.mutable_data(), connection_id.length());
   }
-  if (connection_id_length > kQuicMaxConnectionIdLength) {
-    QUIC_BUG << "Tried to CreateRandomConnectionId of invalid length "
-             << static_cast<int>(connection_id_length);
-    connection_id_length = kQuicMaxConnectionIdLength;
-  }
-  char connection_id_bytes[kQuicMaxConnectionIdLength];
-  random->RandBytes(connection_id_bytes, connection_id_length);
-  return QuicConnectionId(static_cast<char*>(connection_id_bytes),
-                          connection_id_length);
+  return connection_id;
 }
 
 // static
@@ -554,7 +548,14 @@
   if (!VariableLengthConnectionIdAllowedForVersion(transport_version)) {
     return connection_id_length8 == kQuicDefaultConnectionIdLength;
   }
-  // Currently all other versions require the length to be at most 18 bytes.
+  // Versions that do support variable length but do not have length-prefixed
+  // connection IDs use the 4-bit connection ID length encoding which can
+  // only encode values 0 and 4-18.
+  if (!VersionHasLengthPrefixedConnectionIds(transport_version)) {
+    return connection_id_length8 == 0 ||
+           (connection_id_length8 >= 4 &&
+            connection_id_length8 <= kQuicMaxConnectionIdLength);
+  }
   return connection_id_length8 <= kQuicMaxConnectionIdLength;
 }