🐞 fix(parse_quic_uncryption_payload): 增加长度判断，修复长度异常时造成的内存非法读v2.0.8

附test/pcap/quic_len-2.pcapng为解析长度异常的包
author: yangwei <[email protected]> 2023-07-28 23:24:57 +0800
committer: yangwei <[email protected]> 2023-07-28 23:24:57 +0800
commit: 4d731800bf93d744d8cd669cc3e78227566ada62 (patch)
tree: 3b8d885948f673418d0a562bba319fc2d42ea896 /src/quic_process.cpp
parent: 1b678406e73e75d9728b03bb284757b293610fa5 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/src/quic_process.cpp b/src/quic_process.cpp
index fe86a46..4b677c6 100644
--- a/src/quic_process.cpp
+++ b/src/quic_process.cpp
@@ -778,7 +778,11 @@ unsigned char parse_quic_all_version(struct quic_info *quic_info, const char *pa
 	
 	if(quic_version>=GQUIC_VERSION_Q001 && quic_version<=GQUIC_VERSION_Q048)
 	{
-		return parse_quic_uncryption_payload(quic_info, payload+payload_offset, payload_len-payload_offset, thread_seq);
+		if(payload_len > payload_offset)
+		{
+			return parse_quic_uncryption_payload(quic_info, payload+payload_offset, payload_len-payload_offset, thread_seq);
+		}
+		return PARSE_RESULT_VERSION;
 	}
 	else if(((quic_version>=MVFST_VERSION_00 && quic_version<=MVFST_VERSION_0F)		||
 						(quic_version>=GQUIC_VERSION_Q049 && quic_version<=GQUIC_VERSION_Q059)	||
author	yangwei <[email protected]>	2023-07-28 23:24:57 +0800
committer	yangwei <[email protected]>	2023-07-28 23:24:57 +0800
commit	4d731800bf93d744d8cd669cc3e78227566ada62 (patch)
tree	3b8d885948f673418d0a562bba319fc2d42ea896 /src/quic_process.cpp
parent	1b678406e73e75d9728b03bb284757b293610fa5 (diff)