From d10ffedc17e0ef87f6e59696007fd1ad58d191ba Mon Sep 17 00:00:00 2001 From: Sijie Yang Date: Thu, 23 Nov 2023 20:08:43 +0800 Subject: [PATCH] Ignore packets with unknown dcid --- src/connection/connection.rs | 29 +++++++++++++++++++++++++---- 1 file changed, 25 insertions(+), 4 deletions(-) diff --git a/src/connection/connection.rs b/src/connection/connection.rs index 6ba3c006..f2da50f3 100644 --- a/src/connection/connection.rs +++ b/src/connection/connection.rs @@ -2745,10 +2745,8 @@ impl Connection { info: &PacketInfo, buf_len: usize, ) -> Result { - let (cid_seq, mut cid_pid) = self - .cids - .find_scid(dcid) - .ok_or(Error::InvalidState("unknown dcid".into()))?; + // Note: If the incoming packet carrys an unknown dcid, just ignore and drop it. + let (cid_seq, mut cid_pid) = self.cids.find_scid(dcid).ok_or(Error::Done)?; // The incoming packet arrived on the existing path (for Client/Server). if let Some(recv_pid) = recv_pid { @@ -5500,6 +5498,29 @@ pub(crate) mod tests { Ok(()) } + #[test] + fn recv_packet_unknown_dcid() -> Result<()> { + let mut test_pair = TestPair::new_with_test_config()?; + test_pair.handshake()?; + + // Client send NEW_CONNECTION_ID + let (scid, reset_token) = (ConnectionId::random(), Some(1)); + test_pair + .server + .cids + .add_scid(scid, reset_token, true, None, true)?; + let mut packets = TestPair::conn_packets_out(&mut test_pair.client)?; + assert!(!packets.is_empty()); + + // Tamper dcid field of the OneRTT packet + let (mut packet, info) = packets.pop().unwrap(); + packet[1] = packet[1] + 1; // change first byte of dcid field + + // Server drop the packet with unknown dcid + assert!(test_pair.server.recv(&mut packet, &info).is_ok()); + Ok(()) + } + #[test] fn recv_packet_stream_frame() -> Result<()> { let mut test_pair = TestPair::new_with_test_config()?;