[quicwg/base-drafts] Get rid of DoS vulnerability in Reserved Bits (#2280)

martinduke <notifications@github.com> Mon, 31 December 2018 06:07 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 217231277CC for <quic-issues@ietfa.amsl.com>; Sun, 30 Dec 2018 22:07:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.064
X-Spam-Level:
X-Spam-Status: No, score=-8.064 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.065, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_32=0.001, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bHS3_Orlam_B for <quic-issues@ietfa.amsl.com>; Sun, 30 Dec 2018 22:07:22 -0800 (PST)
Received: from out-3.smtp.github.com (out-3.smtp.github.com [192.30.252.194]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 552D51276D0 for <quic-issues@ietf.org>; Sun, 30 Dec 2018 22:07:22 -0800 (PST)
Date: Sun, 30 Dec 2018 22:07:20 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1546236440; bh=EcxHdRFTp3miW8GYIXKxZAUNcHHg5hUQJ2AQtu0uN/Q=; h=Date:From:Reply-To:To:Cc:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=FTPZRoE3TvyamYJKf9maBvaYoyKPh7TndhkS9LoUsSVXZrAkxzC6l86YfMHRLUAM3 4JXYhUQYyrb9+XfDrUL8leFR9uxPZu8oQSAByMCihVx1RgYTvWxX1khr9vGnaLUAak U8TydddGmHBZwbQ4KJ5b23xjBWUJ4uKMW7cALc2k=
From: martinduke <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4abe098af426c92fb6a06406794a789b3f492955a8792cf000000011841741892a169ce178a377a@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/2280@github.com>
Subject: [quicwg/base-drafts] Get rid of DoS vulnerability in Reserved Bits (#2280)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5c29b2185f539_2a443fc40ead45b4773372"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinduke
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/hagRJF8Q74qBsCGkOLlqG5f4HxE>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Dec 2018 06:07:24 -0000

As currently written, any garbage packet, after removing header protection, will have nonzero reserved bits and bring the connection down. Not good!

Similarly, it is perverse to force me to actually decrypt the full packet to see if it turns out to be a misbehaving end host and comply with the other possible reading of this requirement. Let the receiver just drop the bad packet after header decryption and carry on.
You can view, comment on, or merge this pull request online at:

  https://github.com/quicwg/base-drafts/pull/2280

-- Commit Summary --

  * Get rid of DoS vulnerability in Reserved Bits

-- File Changes --

    M draft-ietf-quic-transport.md (11)

-- Patch Links --

https://github.com/quicwg/base-drafts/pull/2280.patch
https://github.com/quicwg/base-drafts/pull/2280.diff

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/2280