)]}'
{
  "commit": "e0df3f7007a2d0bc68d3bcde617936a652377c75",
  "tree": "28d83099d11f582bdd3c2d9171ee7d1e315f5b42",
  "parents": [
    "244f6dcc1f007cb0517b5f659ec8a9f6dce2b562"
  ],
  "author": {
    "name": "dschinazi",
    "email": "dschinazi@google.com",
    "time": "Mon May 06 16:37:51 2019 -0700"
  },
  "committer": {
    "name": "Copybara-Service",
    "email": "copybara-worker@google.com",
    "time": "Tue May 07 07:21:42 2019 -0700"
  },
  "message": "Make client drop packets with wrong versions\n\nIn Google QUIC, packets with the version flag set and a different version number were version negotiation packets. In IETF QUIC, version negotiation packets have their own format, and it is now possible for a client to receive a packet that is not a version negotiation packet but still has a version different from what it expects. Those packets must be dropped.\n\nThis issue was found by Chromium clusterfuzz:\nhttps://bugs.chromium.org/p/chromium/issues/detail?id\u003d959143\nI was able to reproduce the fuzzer DCHECK failure and verify that the fix prevents it.\n\ngfe-relnote: client-only change to handling of packets with invalid versions, not flag protected\nPiperOrigin-RevId: 246921247\nChange-Id: I6610c9cd8c667bfad62fd335cc7f45fc425d3d2e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "55208e9a1659200d4a80ffa3f4667f3d31588085",
      "old_mode": 33188,
      "old_path": "quic/core/quic_framer.cc",
      "new_id": "0e026c626a0810b3e58ad4a9a489ce96b9bc63ff",
      "new_mode": 33188,
      "new_path": "quic/core/quic_framer.cc"
    },
    {
      "type": "modify",
      "old_id": "56665df84dbc5a48c17e01afd807aec6d3926bff",
      "old_mode": 33188,
      "old_path": "quic/core/quic_framer_test.cc",
      "new_id": "0b5dca5fe9007cadc663eb2bf382b1994f34f909",
      "new_mode": 33188,
      "new_path": "quic/core/quic_framer_test.cc"
    }
  ]
}