fix: Only try SNI slicing at offset 0

And also check that the SNI length makes sense. This should fix the spurios failures for `compatible_upgrade_large_initial`.
mozilla · Feb 11, 2025 · a6a5a76 · a6a5a76
1 parent 1d9de16
commit a6a5a76
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/neqo-transport/src/crypto.rs b/neqo-transport/src/crypto.rs
@@ -1575,7 +1575,7 @@ impl CryptoStreams {
         let Some((offset, data)) = cs.tx.next_bytes() else {
             return;
         };
-        let written = if sni_slicing {
+        let written = if sni_slicing && offset == 0 {
             if let Some(sni) = find_sni(data) {
                 // Cut the crypto data in two at the midpoint of the SNI and swap the chunks.
                 let mid = sni.start + (sni.end - sni.start) / 2;

diff --git a/neqo-transport/src/shuffle.rs b/neqo-transport/src/shuffle.rs
@@ -48,6 +48,9 @@ pub fn find_sni(buf: &[u8]) -> Option<Range<usize>> {
         if ext_type == 0 {
             // SNI!
             let sni_len: u16 = dec.decode_uint()?;
+            if sni_len < 3 {
+                return None;
+            }
             skip(&mut dec, 3)?; // Skip name_type and host_name length
             let start = dec.offset();
             let end = start + usize::from(sni_len) - 3;