analyzer: make http3/quic handling more reliable

2026-02-11 15:32:29 +05:30
parent 20294716e3
commit fdfe61457c
4 changed files with 34 additions and 0 deletions
--- a/analyzer/udp/internal/quic/payload.go
+++ b/analyzer/udp/internal/quic/payload.go
@@ -270,6 +270,11 @@ func extractCryptoFrames(r *bytes.Reader) ([]CryptoFrame, error) {
 				return nil, err
 			}
 		default:
+			// Unknown/extension frame type: if we already collected CRYPTO
+			// frames, return them instead of failing hard.
+			if len(frames) > 0 {
+				return frames, nil
+			}
 			return nil, fmt.Errorf("unsupported frame type: %d", typ)
 		}
 	}
--- a/analyzer/udp/internal/quic/payload_test.go
+++ b/analyzer/udp/internal/quic/payload_test.go
@@ -37,3 +37,21 @@ func TestExtractCryptoFrames_UnsupportedFrame(t *testing.T) {
 		t.Fatal("extractCryptoFrames() error = nil, want non-nil")
 	}
 }
+
+func TestExtractCryptoFrames_UnknownAfterCrypto(t *testing.T) {
+	// CRYPTO(offset=0,"abc"), then unknown frame type 0x20.
+	payload := []byte{
+		0x06, 0x00, 0x03, 'a', 'b', 'c',
+		0x20,
+	}
+	frames, err := extractCryptoFrames(bytes.NewReader(payload))
+	if err != nil {
+		t.Fatalf("extractCryptoFrames() error = %v", err)
+	}
+	if len(frames) != 1 {
+		t.Fatalf("extractCryptoFrames() len = %d, want 1", len(frames))
+	}
+	if frames[0].Offset != 0 || string(frames[0].Data) != "abc" {
+		t.Fatalf("frame0 = %+v, want offset=0 data=abc", frames[0])
+	}
+}