From: Xin Long <lucien.xin@gmail.com>
To: Paolo Abeni <pabeni@redhat.com>
Cc: Simon Horman <horms@kernel.org>,
steved@redhat.com, marcelo.leitner@gmail.com,
aahringo@redhat.com, alibuda@linux.alibaba.com,
jbaron@akamai.com, hare@suse.de, kuba@kernel.org,
tom@talpey.com, linux-cifs@vger.kernel.org, daniel@haxx.se,
quic@lists.linux.dev, jlayton@kernel.org, tfanelli@redhat.com,
dhowells@redhat.com, linkinjeon@kernel.org,
hepengtao@xiaomi.com, pc@manguebit.com,
kernel-tls-handshake@lists.linux.dev, illiliti@protonmail.com,
xiyou.wangcong@gmail.com, andrew.gospodarek@broadcom.com,
mail@johnericson.me, edumazet@google.com, matttbe@kernel.org,
netdev@vger.kernel.org, smfrench@gmail.com, metze@samba.org,
mbuhl@openbsd.org, chuck.lever@oracle.com, dreibh@simula.no,
davem@davemloft.net, sd@queasysnail.net
Subject: Re: [net-next,v9,03/15] quic: provide common utilities and data structures
Date: Thu, 5 Feb 2026 14:18:00 -0500 [thread overview]
Message-ID: <CADvbK_eLJ2HWxx5G8PBwePCUZ7dXdDw6X8pryWWyn7SRx1NdDg@mail.gmail.com> (raw)
In-Reply-To: <1bcfe20e-0103-44a5-82b5-90cba7ba5a60@redhat.com>
On Thu, Feb 5, 2026 at 7:51 AM Paolo Abeni <pabeni@redhat.com> wrote:
>
> On 2/5/26 12:54 PM, Simon Horman wrote:
> > This is an AI-generated review of your patch. The human sending this
> > email has considered the AI review valid, or at least plausible.
> >
> > For local reproduction steps see https://netdev-ai.bots.linux.dev/ai-local.html
> > ---
> > quic: provide common utilities and data structures
> >
> > This patch provides foundational data structures and utilities for
> > the QUIC stack, including hash tables for socket lookup, connection
> > ID management, and helpers for encoding/decoding transport parameters.
> >
> >> diff --git a/net/quic/common.c b/net/quic/common.c
> >> new file mode 100644
> >> index 000000000000..94321f3f213d
> >> --- /dev/null
> >> +++ b/net/quic/common.c
> >
> > [ ... ]
> >
> >> +/* Reads a QUIC transport parameter value. */
> >> +u8 quic_get_param(u64 *pdest, u8 **pp, u32 *plen)
> >> +{
> >> + u64 valuelen;
> >> +
> >> + if (!quic_get_var(pp, plen, &valuelen))
> >> + return 0;
> >> +
> >> + if (*plen < valuelen)
> >> + return 0;
> >> +
> >> + if (!quic_get_var(pp, plen, pdest))
> >> + return 0;
> >> +
> >> + return (u8)valuelen;
> >> +}
> >
> > Does quic_get_param() need to verify that quic_get_var() consumed exactly
> > valuelen bytes?
> >
> > The function reads valuelen at the first quic_get_var() call, then decodes
> > the value with the second quic_get_var(). However, quic_get_var() determines
> > how many bytes to consume based on the varint prefix in the data, not from
> > valuelen.
> >
> > If a malformed packet has valuelen=2 but the varint encoding requires 4 bytes,
> > quic_get_var() will consume 4 bytes while the function returns valuelen=2.
> > This could desynchronize parsing of subsequent parameters since the caller
> > expects the buffer to have advanced by valuelen bytes based on the return
> > value.
>
> Hard to tell without any caller for this function. Possibly you could
> drop it? IDK if enforcing such check would be correct/safe from an
> interoperability PoV.
I kind of forgot why I didn't validate it, I will decide if it should be
added after interop testing with those userland implementations.
>
> >> diff --git a/net/quic/common.h b/net/quic/common.h
> >> new file mode 100644
> >> index 000000000000..bfec0aaf2907
> >> --- /dev/null
> >> +++ b/net/quic/common.h
> >
> > [ ... ]
> >
> >> +#define QUIC_CONN_ID_MAX_LEN 20
> >
> > [ ... ]
> >
> >> +struct quic_conn_id {
> >> + u8 data[QUIC_CONN_ID_MAX_LEN];
> >> + u8 len;
> >> +};
> >> +
> >> +static inline void quic_conn_id_update(struct quic_conn_id *conn_id, u8 *data, u32 len)
> >> +{
> >> + memcpy(conn_id->data, data, len);
> >> + conn_id->len = (u8)len;
> >> +}
> >
> > Should quic_conn_id_update() validate that len does not exceed
> > QUIC_CONN_ID_MAX_LEN before the memcpy?
> >
> > The destination buffer conn_id->data is a 20-byte array, but the len
> > parameter is u32 with no bounds check. If a caller passes len > 20, the
> > memcpy would overflow the buffer.
>
> It looks like the check responsibility is on the callers. I guess it
> would make things more robust and simpler move the check here.
>
Parsing the connid from incoming packets will always check its length,
not good to move the check here then return an error for coding.
I will only leave a comment here. like:
/* Caller must ensure len does not exceed QUIC_CONN_ID_MAX_LEN. */
Thanks.
next prev parent reply other threads:[~2026-02-05 19:18 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-02 14:27 [PATCH net-next v9 00/15] net: introduce QUIC infrastructure and core subcomponents Xin Long
2026-02-02 14:27 ` [PATCH net-next v9 01/15] net: define IPPROTO_QUIC and SOL_QUIC constants Xin Long
2026-02-02 14:27 ` [PATCH net-next v9 02/15] net: build socket infrastructure for QUIC protocol Xin Long
2026-02-05 11:54 ` [net-next,v9,02/15] " Simon Horman
2026-02-05 12:48 ` Paolo Abeni
2026-02-05 19:03 ` Xin Long
2026-02-02 14:27 ` [PATCH net-next v9 03/15] quic: provide common utilities and data structures Xin Long
2026-02-05 11:54 ` [net-next,v9,03/15] " Simon Horman
2026-02-05 12:51 ` Paolo Abeni
2026-02-05 19:18 ` Xin Long [this message]
2026-02-02 14:27 ` [PATCH net-next v9 04/15] quic: provide family ops for address and protocol Xin Long
2026-02-02 14:27 ` [PATCH net-next v9 05/15] quic: provide quic.h header files for kernel and userspace Xin Long
2026-02-05 11:55 ` [net-next,v9,05/15] " Simon Horman
2026-02-05 19:37 ` Xin Long
2026-02-02 14:27 ` [PATCH net-next v9 06/15] quic: add stream management Xin Long
2026-02-05 11:55 ` [net-next,v9,06/15] " Simon Horman
2026-02-05 18:56 ` Xin Long
2026-02-02 14:27 ` [PATCH net-next v9 07/15] quic: add connection id management Xin Long
2026-02-02 14:27 ` [PATCH net-next v9 08/15] quic: add path management Xin Long
2026-02-02 14:27 ` [PATCH net-next v9 09/15] quic: add congestion control Xin Long
2026-02-05 11:55 ` [net-next,v9,09/15] " Simon Horman
2026-02-05 19:00 ` Xin Long
2026-02-02 14:27 ` [PATCH net-next v9 10/15] quic: add packet number space Xin Long
2026-02-02 14:27 ` [PATCH net-next v9 11/15] quic: add crypto key derivation and installation Xin Long
2026-02-02 14:27 ` [PATCH net-next v9 12/15] quic: add crypto packet encryption and decryption Xin Long
2026-02-02 14:27 ` [PATCH net-next v9 13/15] quic: add timer management Xin Long
2026-02-02 14:27 ` [PATCH net-next v9 14/15] quic: add packet builder base Xin Long
2026-02-02 14:27 ` [PATCH net-next v9 15/15] quic: add packet parser base Xin Long
2026-02-05 11:55 ` [net-next,v9,15/15] " Simon Horman
2026-02-05 19:02 ` Xin Long
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CADvbK_eLJ2HWxx5G8PBwePCUZ7dXdDw6X8pryWWyn7SRx1NdDg@mail.gmail.com \
--to=lucien.xin@gmail.com \
--cc=aahringo@redhat.com \
--cc=alibuda@linux.alibaba.com \
--cc=andrew.gospodarek@broadcom.com \
--cc=chuck.lever@oracle.com \
--cc=daniel@haxx.se \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=dreibh@simula.no \
--cc=edumazet@google.com \
--cc=hare@suse.de \
--cc=hepengtao@xiaomi.com \
--cc=horms@kernel.org \
--cc=illiliti@protonmail.com \
--cc=jbaron@akamai.com \
--cc=jlayton@kernel.org \
--cc=kernel-tls-handshake@lists.linux.dev \
--cc=kuba@kernel.org \
--cc=linkinjeon@kernel.org \
--cc=linux-cifs@vger.kernel.org \
--cc=mail@johnericson.me \
--cc=marcelo.leitner@gmail.com \
--cc=matttbe@kernel.org \
--cc=mbuhl@openbsd.org \
--cc=metze@samba.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=pc@manguebit.com \
--cc=quic@lists.linux.dev \
--cc=sd@queasysnail.net \
--cc=smfrench@gmail.com \
--cc=steved@redhat.com \
--cc=tfanelli@redhat.com \
--cc=tom@talpey.com \
--cc=xiyou.wangcong@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox