From f75312d48c3531d5078e26d2c614b6e576ce0773 Mon Sep 17 00:00:00 2001
From: plumplumli <78056809+plumplumli@users.noreply.github.com>
Date: Mon, 16 Dec 2024 23:12:57 +0800
Subject: [PATCH] Fix: infinite loop in parse_header_data() when HTTP/3 header
 length exceeds 65535 (#69)

Co-authored-by: plumplumli <plumplumli@tencent.com>
---
 lsqpack.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lsqpack.c b/lsqpack.c
index 3010877..4cfebe7 100644
--- a/lsqpack.c
+++ b/lsqpack.c
@@ -3318,7 +3318,7 @@ header_out_grow_buf (struct lsqpack_dec *dec,
         size = 2;
     need = read_ctx->hbrc_out.xhdr->val_len + size / 2;
     if (need > LSXPACK_MAX_STRLEN)
-        need = LSXPACK_MAX_STRLEN;
+        return -1;
     read_ctx->hbrc_out.xhdr = dec->qpd_dh_if->dhi_prepare_decode(
                         read_ctx->hbrc_hblock, read_ctx->hbrc_out.xhdr, need);
     if (!read_ctx->hbrc_out.xhdr)