QUIC: limited size of generated Stateless Reset packets.

author Sergey Kandaurov <pluknet@nginx.com>

Fri, 20 Feb 2026 14:52:56 +0000 (18:52 +0400)

committer Roman Arutyunyan <arutyunyan.roman@gmail.com>

Tue, 24 Mar 2026 18:33:23 +0000 (22:33 +0400)
author Sergey Kandaurov <pluknet@nginx.com>
Fri, 20 Feb 2026 14:52:56 +0000 (18:52 +0400)
committer Roman Arutyunyan <arutyunyan.roman@gmail.com>
Tue, 24 Mar 2026 18:33:23 +0000 (22:33 +0400)
diff --git a/src/event/quic/ngx_event_quic_output.c b/src/event/quic/ngx_event_quic_output.c

index 789eff9dc81efa71790add10cbd3595dc1e8ae42..e872b803cf0027dd6d4fd74b93a12b53b045f2f7 100644 (file)
--- a/src/event/quic/ngx_event_quic_output.c
+++ b/src/event/quic/ngx_event_quic_output.c
@@ -839,13 +839,13 @@ ngx_quic_send_stateless_reset(ngx_connection_t *c, ngx_quic_conf_t *conf,
          len = pkt->len - 1;
  
      } else {
-        max = ngx_min(NGX_QUIC_MAX_SR_PACKET, pkt->len * 3);
+        max = ngx_min(NGX_QUIC_MAX_SR_PACKET, pkt->len);
  
          if (RAND_bytes((u_char *) &rndbytes, sizeof(rndbytes)) != 1) {
              return NGX_ERROR;
          }
  
-        len = (rndbytes % (max - NGX_QUIC_MIN_SR_PACKET + 1))
+        len = (rndbytes % (max - NGX_QUIC_MIN_SR_PACKET))
                + NGX_QUIC_MIN_SR_PACKET;
      }
author	Sergey Kandaurov <pluknet@nginx.com>
	Fri, 20 Feb 2026 14:52:56 +0000 (18:52 +0400)
committer	Roman Arutyunyan <arutyunyan.roman@gmail.com>
	Tue, 24 Mar 2026 18:33:23 +0000 (22:33 +0400)