IETF Logo Mail Archive

RE: Proposal to replace ACK block count with ACK length

"Deval, Manasi" <manasi.deval@intel.com> Tue, 19 June 2018 20:19 UTC

Return-Path: <manasi.deval@intel.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0E2D6130ECB for <quic@ietfa.amsl.com>; Tue, 19 Jun 2018 13:19:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oe9dzHBtRaXk for <quic@ietfa.amsl.com>; Tue, 19 Jun 2018 13:19:07 -0700 (PDT)
Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 27948130E30 for <quic@ietf.org>; Tue, 19 Jun 2018 13:19:07 -0700 (PDT)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga106.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 19 Jun 2018 13:19:06 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.51,244,1526367600"; d="scan'208,217";a="233912253"
Received: from orsmsx103.amr.corp.intel.com ([10.22.225.130]) by orsmga005.jf.intel.com with ESMTP; 19 Jun 2018 13:19:05 -0700
Received: from orsmsx153.amr.corp.intel.com (10.22.226.247) by ORSMSX103.amr.corp.intel.com (10.22.225.130) with Microsoft SMTP Server (TLS) id 14.3.319.2; Tue, 19 Jun 2018 13:19:05 -0700
Received: from orsmsx111.amr.corp.intel.com ([169.254.12.50]) by ORSMSX153.amr.corp.intel.com ([10.22.226.247]) with mapi id 14.03.0319.002; Tue, 19 Jun 2018 13:19:05 -0700
From: "Deval, Manasi" <manasi.deval@intel.com>
To: Eric Rescorla <ekr@rtfm.com>, Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
CC: Kazuho Oku <kazuhooku@gmail.com>, Marten Seemann <martenseemann@gmail.com>, Praveen Balasubramanian <pravb@microsoft.com>, Jana Iyengar <jri.ietf@gmail.com>, IETF QUIC WG <quic@ietf.org>, Martin Thomson <martin.thomson@gmail.com>, Ian Swett <ianswett=40google.com@dmarc.ietf.org>
Subject: RE: Proposal to replace ACK block count with ACK length
Thread-Topic: Proposal to replace ACK block count with ACK length
Thread-Index: AdP8YgwJ2vNnJzEFTfGDVpW0S5D9xAFc4mOAAA2Oe4AAC1gQUACxPCCAAAyM/YAAAWbSgAABAJmAAAUhF4AAJqV6gAAHDGIAABvs+wAAAXoxAAAAa3CAAABfXoAAAUH10ABdzFywAA7XrIAAAZkJAAAMVqCA
Date: Tue, 19 Jun 2018 20:19:05 +0000
Message-ID: <1F436ED13A22A246A59CA374CBC543998B83EEFC@ORSMSX111.amr.corp.intel.com>
References: <1F436ED13A22A246A59CA374CBC543998B832414@ORSMSX111.amr.corp.intel.com> <20180611154244.GA27622@ubuntu-dmitri> <CACpbDcdxzRxeiN93kKoj__vo2TERm4QZKqaesL=jr4wQUN1gXA@mail.gmail.com> <1F436ED13A22A246A59CA374CBC543998B833B91@ORSMSX111.amr.corp.intel.com> <CABcZeBOjjRrX+AsXdgcUKpL=ciL8U_U1+WVAhQv-ZjwGxkQxYw@mail.gmail.com> <MWHPR21MB0638068EFA850328793E55F6B67C0@MWHPR21MB0638.namprd21.prod.outlook.com> <CACpbDcdbTKKEh8dcshWM6-7vq2hBFJC1myL1+H6etpMMjth+wg@mail.gmail.com> <CABkgnnV_thWcAi=AdwV+Za5rXywiUvtOYpsNNp1y7=RvL2MvWA@mail.gmail.com> <CAOYVs2qE=Tw_7eax9HwaESaQPMh7k3BSVV112d+pPeSfZ09EjQ@mail.gmail.com> <CABcZeBOCRHAuh44CrMH02UZ3Ar_2sa5M1c3LG_A-RPzXX+H+Yw@mail.gmail.com> <CAKcm_gOeZHR-BGJiqK=zQKqbgq=briQuH+fzHrkUYbhQx3B_sw@mail.gmail.com> <CANatvzyKv8EGVR-Z5WMDKbeuKHP791OynsTqX=+HriKBxFnafA@mail.gmail.com> <CAOYVs2oE6yawW04MVH1ApewSJ+0g9g2oMxCj+CU+butfiAe8kA@mail.gmail.com> <CANatvzxniU0AUEi5tuKzmX45uTUV6-y0JbqcdKTpu1J4WQR7JA@mail.gmail.com> <CAOYVs2p9vJrCVuXqGsR29rOGj=CNt1m7TcavGV9Kwk-9hA4sPQ@mail.gmail.com> <1F436ED13A22A246A59CA374CBC543998B83AB21@ORSMSX111.amr.corp.intel.com> <1F436ED13A22A246A59CA374CBC543998B83EC27@ORSMSX111.amr.corp.intel.com> <CAN1APdfYmj4M0mVedCUhRG9qYXpDSoN8TgYY_X72HkV6+ixEbg@mail.gmail.com> <CABcZeBOO=Z2ANQ_AvzRDEx7LbABgGAAggLHWGRBB7tNdUZ_0LA@mail.gmail.com>
In-Reply-To: <CABcZeBOO=Z2ANQ_AvzRDEx7LbABgGAAggLHWGRBB7tNdUZ_0LA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiZGQ2NWFlZWMtODQyNC00NTVkLThlMTctOWU1YWM5NWQyYmExIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoicjhjSFwvcllXV2lINWFiTmY4bzBLWmNHVGhLUTFoVFJCeXJDNFpoM0lidFl4a0hrYlhMd2VqbFwvMURrdGNwSjhjIn0=
x-ctpclassification: CTP_NT
dlp-product: dlpe-windows
dlp-version: 11.0.200.100
dlp-reaction: no-action
x-originating-ip: [10.22.254.140]
Content-Type: multipart/alternative; boundary="_000_1F436ED13A22A246A59CA374CBC543998B83EEFCORSMSX111amrcor_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/4YXuOT0PAyOD2A2EGf4pV-4pYZE>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Jun 2018 20:19:13 -0000

I have the same question as Eric.

From: Eric Rescorla [mailto:ekr@rtfm.com]
Sent: Tuesday, June 19, 2018 12:12 PM
To: Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
Cc: Kazuho Oku <kazuhooku@gmail.com>; Deval, Manasi <manasi.deval@intel.com>; Marten Seemann <martenseemann@gmail.com>; Praveen Balasubramanian <pravb@microsoft.com>; Jana Iyengar <jri.ietf@gmail.com>; IETF QUIC WG <quic@ietf.org>; Martin Thomson <martin.thomson@gmail.com>; Ian Swett <ianswett=40google.com@dmarc.ietf.org>
Subject: Re: Proposal to replace ACK block count with ACK length




On Tue, Jun 19, 2018 at 11:25 AM, Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com<mailto:mikkelfj@gmail.com>> wrote:
I don’t think you addressed e) at all. Clearly there is an end of buffer check, but that is not the same as requiring additonal checks at many other levels.


Not Manasi, but I don't understand (e).

Here's the relevant section of the Minq decoder.

    func (f *ackFrame) unmarshal(buf []byte) (int, error) {
        // Omitted the section that decoded the header

        // Now decode each block
        for i := uint64(0); i < f.AckBlockCount; i++ {
            blk := &ackBlock{}
            n, err := syntax.Unmarshal(buf, blk)
            if err != nil {
                return 0, err
            }
            buf = buf[n:]
            read += n

            f.AckBlockSection = append(f.AckBlockSection, blk)
        }

        return read, nil
    }

You pass in the entire remainder of the packet and then it parses
out the ACK frame and then returns the amount consumed.

If we were to change to what Manasi proposes, it would look like:

    func (f *ackFrame) unmarshal(buf []byte) (int, error) {
        // Omitted the section that decoded the header

        // Trim the buffer to the remainder length
        if f.AckLength > len(buf) {
                return 0, ProtocolInvalidError
        }
        buf = buf[f.AckLength:]

        for len(buf) > 0 {
            blk := &ackBlock{}
            n, err := syntax.Unmarshal(buf, blk)
            if err != nil {
                return 0, err
            }
            buf = buf[n:]
            read += n

            f.AckBlockSection = append(f.AckBlockSection, blk)
        }

        return read, nil
    }

Is your concern here the additional length check after the
comment "Trim the buffer"? Something else?

-Ekr






On 19 June 2018 at 20.22.03, Deval, Manasi (manasi.deval@intel.com<mailto:manasi.deval@intel.com>) wrote:



e.      Every encodable value should be valid

Not every length will be valid. This is inherent to lengths. This same issue ails the ‘payload length’ in QUIC header. Not only does the issue exist for small values, it also applies to large values since data stream will be sent after crypto negotiation.  E.g.  - how does one craft a payload with 62 bit payload length in a large header?

v2.23.0 | Report a Bug | By Email