Difuse/Mellaris
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

analyzer: make http3/quic handling more reliable
Some checks failed
Quality check / Tests (push) Has been cancelled
Details
Quality check / Static analysis (push) Has been cancelled
Details

Browse Source
This commit is contained in:
hayzam
2026-02-11 15:53:26 +05:30
parent 43cb4755d0
commit a4baa1b1a3
2 changed files with 13 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
analyzer/udp/quic.go
View File

@@ -40,6 +40,7 @@ func (a *QUICAnalyzer) NewUDP(info analyzer.UDPInfo, logger analyzer.Logger) ana
type quicStream struct {
logger analyzer.Logger
invalidCount int
debugCount int
frames map[int64][]byte
maxEnd int64
}
@@ -55,6 +56,10 @@ func (s *quicStream) Feed(rev bool, data []byte) (u *analyzer.PropUpdate, done b
if errors.Is(err, quic.ErrNotInitialPacket) {
return nil, false
}
if s.debugCount < 4 {
s.logger.Debugf("failed to read QUIC CRYPTO frames: %v", err)
s.debugCount++
}
s.invalidCount++
return nil, s.invalidCount >= quicInvalidCountThreshold
}
@@ -73,6 +78,10 @@ func (s *quicStream) Feed(rev bool, data []byte) (u *analyzer.PropUpdate, done b
if pl[0] != internal.TypeClientHello {
// Not a ClientHello (e.g. server-direction CRYPTO); ignore.
if s.debugCount < 4 {
s.logger.Debugf("CRYPTO payload does not start with ClientHello: type=%d", pl[0])
s.debugCount++
}
return nil, false
}
@@ -88,6 +97,10 @@ func (s *quicStream) Feed(rev bool, data []byte) (u *analyzer.PropUpdate, done b
m := internal.ParseTLSClientHelloMsgData(&utils.ByteBuffer{Buf: pl[4 : 4+chLen]})
if m == nil {
if s.debugCount < 4 {
s.logger.Debugf("failed to parse TLS ClientHello from QUIC CRYPTO payload")
s.debugCount++
}
s.invalidCount++
return nil, s.invalidCount >= quicInvalidCountThreshold
}