From ed80eca4ef52028df9d5915c049fa1ad66b0f0f7 Mon Sep 17 00:00:00 2001 From: Kazuho Oku Date: Mon, 23 Dec 2024 15:07:54 +0900 Subject: [PATCH] retire cid queue can overflow while buidling packets --- lib/quicly.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/lib/quicly.c b/lib/quicly.c index 7669fefd..de155510 100644 --- a/lib/quicly.c +++ b/lib/quicly.c @@ -5544,6 +5544,7 @@ int quicly_send(quicly_conn_t *conn, quicly_address_t *dest, quicly_address_t *s if (conn->super.state >= QUICLY_STATE_CLOSING) { quicly_sentmap_iter_t iter; + DoClose: if ((ret = init_acks_iter(conn, &iter)) != 0) goto Exit; /* check if the connection can be closed now (after 3 pto) */ @@ -5583,13 +5584,17 @@ int quicly_send(quicly_conn_t *conn, quicly_address_t *dest, quicly_address_t *s conn->paths[s.path_index]->path_response.send_)) continue; if (conn->paths[s.path_index]->path_challenge.num_sent > conn->super.ctx->max_probe_packets) { - delete_path(conn, s.path_index); + if ((ret = delete_path(conn, s.path_index)) != 0) { + initiate_close(conn, ret, QUICLY_FRAME_TYPE_PADDING, NULL); + goto DoClose; + } s.recalc_send_probe_at = 1; continue; } /* determine DCID to be used, if not yet been done; upon failure, this path (being secondary) is discarded */ if (conn->paths[s.path_index]->dcid == UINT64_MAX && !setup_path_dcid(conn, s.path_index)) { - delete_path(conn, s.path_index); + ret = delete_path(conn, s.path_index); + assert(ret == 0 && "path->dcid is UINT64_MAX and therefore does not trigger an error"); s.recalc_send_probe_at = 1; conn->super.stats.num_paths.closed_no_dcid += 1; continue;