QUIC: limited size of generated Stateless Reset packets.

author Sergey Kandaurov <pluknet@nginx.com>

Fri, 20 Feb 2026 14:52:56 +0000 (18:52 +0400)

committer Sergey Kandaurov <s.kandaurov@f5.com>

Thu, 26 Feb 2026 14:05:07 +0000 (18:05 +0400)
author Sergey Kandaurov <pluknet@nginx.com>
Fri, 20 Feb 2026 14:52:56 +0000 (18:52 +0400)
committer Sergey Kandaurov <s.kandaurov@f5.com>
Thu, 26 Feb 2026 14:05:07 +0000 (18:05 +0400)
diff --git a/src/event/quic/ngx_event_quic_output.c b/src/event/quic/ngx_event_quic_output.c

index 25fe43de2d28c432a159a044a2f272fae638a0a2..72119a8ea0902b6134483a26bb08b183a9295d49 100644 (file)
--- a/src/event/quic/ngx_event_quic_output.c
+++ b/src/event/quic/ngx_event_quic_output.c
@@ -839,13 +839,13 @@ ngx_quic_send_stateless_reset(ngx_connection_t *c, ngx_quic_conf_t *conf,
          len = pkt->len - 1;
  
      } else {
-        max = ngx_min(NGX_QUIC_MAX_SR_PACKET, pkt->len * 3);
+        max = ngx_min(NGX_QUIC_MAX_SR_PACKET, pkt->len);
  
          if (RAND_bytes((u_char *) &rndbytes, sizeof(rndbytes)) != 1) {
              return NGX_ERROR;
          }
  
-        len = (rndbytes % (max - NGX_QUIC_MIN_SR_PACKET + 1))
+        len = (rndbytes % (max - NGX_QUIC_MIN_SR_PACKET))
                + NGX_QUIC_MIN_SR_PACKET;
      }
author	Sergey Kandaurov <pluknet@nginx.com>
	Fri, 20 Feb 2026 14:52:56 +0000 (18:52 +0400)
committer	Sergey Kandaurov <s.kandaurov@f5.com>
	Thu, 26 Feb 2026 14:05:07 +0000 (18:05 +0400)