Commit e6e01f00aa for openssl.org
commit e6e01f00aa4196d3c133fac6c83dccfbda5b1e69
Author: Abhinav Agarwal <abhinavagarwal1996@gmail.com>
Date: Mon Mar 23 19:17:04 2026 -0700
quic: add missing return 0 after raise_protocol_error for NEW_CONN_ID
Every other frame type handler in depack_process_frames() returns 0
after calling ossl_quic_channel_raise_protocol_error(), but the
NEW_CONN_ID case falls through to depack_do_frame_new_conn_id().
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Saša NedvÄ›dický <sashan@openssl.org>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
MergeDate: Fri Mar 27 16:48:44 2026
(Merged from https://github.com/openssl/openssl/pull/30550)
diff --git a/ssl/quic/quic_rx_depack.c b/ssl/quic/quic_rx_depack.c
index 83f66ef59e..55345bf2cf 100644
--- a/ssl/quic/quic_rx_depack.c
+++ b/ssl/quic/quic_rx_depack.c
@@ -1316,6 +1316,7 @@ static int depack_process_frames(QUIC_CHANNEL *ch, PACKET *pkt,
OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
frame_type,
"NEW_CONN_ID valid only in 0/1-RTT");
+ return 0;
}
if (!depack_do_frame_new_conn_id(pkt, ch, ackm_data))
return 0;