Difuse/Mellaris
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

analyzer: make http3/quic handling more reliable
Some checks failed
Quality check / Static analysis (push) Has been cancelled
Details
Quality check / Tests (push) Has been cancelled
Details

Browse Source
This commit is contained in:
hayzam
2026-02-11 15:49:32 +05:30
parent c3fe0ea16f
commit 43cb4755d0
4 changed files with 59 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
analyzer/udp/internal/quic/payload.go
View File

@@ -51,15 +51,27 @@ func ReadCryptoFrames(packet []byte) ([]CryptoFrame, error) {
if int64(len(packet)) < offset+hdr.Length {
return nil, fmt.Errorf("packet is too short: %d < %d", len(packet), offset+hdr.Length)
}
unProtectedPayload, err := pp.UnProtect(packet[:offset+hdr.Length], offset, 2)
if err != nil {
return nil, err
packetView := packet[:offset+hdr.Length]
pnMaxGuesses := []int64{0, 1, 2, 3, 4, 8, 16}
var lastErr error
for _, pnMax := range pnMaxGuesses {
packetCopy := append([]byte(nil), packetView...)
unProtectedPayload, err := pp.UnProtect(packetCopy, offset, pnMax)
if err != nil {
lastErr = err
continue
}
frs, err := extractCryptoFrames(bytes.NewReader(unProtectedPayload))
if err != nil {
lastErr = err
continue
}
return frs, nil
}
frs, err := extractCryptoFrames(bytes.NewReader(unProtectedPayload))
if err != nil {
return nil, err
if lastErr != nil {
return nil, lastErr
}
return frs, nil
return nil, errors.New("unable to decrypt initial packet")
}
const (