You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
19 lines
876 B
19 lines
876 B
diff --git a/common/quic_family_tmpl.c b/common/quic_family_tmpl.c
|
|
index 8a5f7d2c9be3f6b1bd82993703749268bab243b4..6cc051b36889f773fe5401e204db6245d99e27df 100644
|
|
--- a/subprojects/spice-common/common/quic_family_tmpl.c
|
|
+++ b/subprojects/spice-common/common/quic_family_tmpl.c
|
|
@@ -103,7 +103,12 @@ static s_bucket *FNAME(find_bucket)(Channel *channel, const unsigned int val)
|
|
{
|
|
spice_extra_assert(val < (0x1U << BPC));
|
|
|
|
- return channel->_buckets_ptrs[val];
|
|
+ /* The and (&) here is to avoid buffer overflows in case of garbage or malicious
|
|
+ * attempts. Is much faster then using comparisons and save us from such situations.
|
|
+ * Note that on normal build the check above won't be compiled as this code path
|
|
+ * is pretty hot and would cause speed regressions.
|
|
+ */
|
|
+ return channel->_buckets_ptrs[val & ((1U << BPC) - 1)];
|
|
}
|
|
|
|
#undef FNAME
|