From bfbeecdc1c23c4ba4e7697b67e4888a80b533fdb Mon Sep 17 00:00:00 2001 From: Phoenix Kahlo Date: Sat, 21 Dec 2024 14:46:32 -0600 Subject: [PATCH] proto: Reject RetryToken with extra bytes This probably won't affect much, but is slightly more defensive. --- quinn-proto/src/token.rs | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/quinn-proto/src/token.rs b/quinn-proto/src/token.rs index 8419c6bbc..15cff4aa3 100644 --- a/quinn-proto/src/token.rs +++ b/quinn-proto/src/token.rs @@ -119,6 +119,11 @@ impl RetryToken { let orig_dst_cid = ConnectionId::decode_long(&mut reader)?; let issued = decode_unix_secs(&mut reader)?; + if !reader.is_empty() { + // Consider extra bytes a decoding error (it may be from an incompatible endpoint) + return None; + } + Some(Self { address, orig_dst_cid,