From 098f27f9ef8be2a418f76896ee3c824e8709fcf7 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Tue, 17 Oct 2023 14:55:48 +0100 Subject: [PATCH] Ignore ping deadline when calculating tick deadline if we can't send If the CC TX allowance is zero then we cannot send a PING frame at the moment, so do not take into account the ping deadline when calculating the tick deadline in that case. This avoids the hang found by the fuzzer mentioned in https://github.com/openssl/openssl/pull/22368#issuecomment-1765131727 Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/22410) --- ssl/quic/quic_channel.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/ssl/quic/quic_channel.c b/ssl/quic/quic_channel.c index a6ed14664e..0462fd2411 100644 --- a/ssl/quic/quic_channel.c +++ b/ssl/quic/quic_channel.c @@ -2598,6 +2598,13 @@ static OSSL_TIME ch_determine_next_tick_deadline(QUIC_CHANNEL *ch) ossl_quic_enc_level_to_pn_space(i))); } } + + /* + * When do we need to send an ACK-eliciting packet to reset the idle + * deadline timer for the peer? + */ + if (!ossl_time_is_infinite(ch->ping_deadline)) + deadline = ossl_time_min(deadline, ch->ping_deadline); } /* Apply TXP wakeup deadline. */ @@ -2612,14 +2619,6 @@ static OSSL_TIME ch_determine_next_tick_deadline(QUIC_CHANNEL *ch) deadline = ossl_time_min(deadline, ch->idle_deadline); - /* - * When do we need to send an ACK-eliciting packet to reset the idle - * deadline timer for the peer? - */ - if (!ossl_time_is_infinite(ch->ping_deadline)) - deadline = ossl_time_min(deadline, - ch->ping_deadline); - /* When does the RXKU process complete? */ if (ch->rxku_in_progress) deadline = ossl_time_min(deadline, ch->rxku_update_end_deadline);