fix: properly handling duplicate stream ids if ids are used out of order

tegefaulkes · tegefaulkes · commit bd8f0338e87a · 2025-02-20T15:54:40.000+11:00
diff --git a/package-lock.json b/package-lock.json
diff --git a/src/QUICConnection.ts b/src/QUICConnection.ts
@@ -107,22 +107,29 @@ class QUICConnection {
   /**
    * Tracks the highest StreamId that has a created QUICStream for clientBidi
    */
-  protected streamIdUsedClientBidi = -1 as StreamId;
+  protected streamIdUsedClientBidi = (0b00 - 4) as StreamId;
 
   /**
    * Tracks the highest StreamId that has a created QUICStream for serverBidi
    */
-  protected streamIdUsedServerBidi = -1 as StreamId;
+  protected streamIdUsedServerBidi = (0b01 - 4) as StreamId;
 
   /**
    * Tracks the highest StreamId that has a created QUICStream for clientUni
    */
-  protected streamIdUsedClientUni = -1 as StreamId;
+  protected streamIdUsedClientUni = (0b10 - 4) as StreamId;
 
   /**
    * Tracks the highest StreamId that has a created QUICStream for clientUni
    */
-  protected streamIdUsedServerUni = -1 as StreamId;
+  protected streamIdUsedServerUni = (0b11 - 4) as StreamId;
+
+  /**
+   * Tracks used ids that have skipped the expected next id for the streamIdUsed counters.
+   * If the next id in the streamIdUsed sequence is used then we remove IDs from the Set
+   * up to the next ID gap.
+   */
+  protected streamIdUsedSet: Set<number> = new Set();
 
   /**
    * Quiche connection timer. This performs time delayed state transitions.
@@ -988,24 +995,85 @@ class QUICConnection {
   }
 
   protected isStreamUsed(streamId: StreamId): boolean {
+    let nextId: number;
     const type = 0b11 & streamId;
     switch (type) {
       case 0b00:
-        if (streamId <= this.streamIdUsedClientBidi) return true;
-        this.streamIdUsedClientBidi = streamId;
-        return false;
+        nextId = this.streamIdUsedClientBidi + 4;
+        if (
+          streamId <= this.streamIdUsedClientBidi ||
+          this.streamIdUsedSet.has(streamId)
+        ) {
+          return true;
+        } else if (streamId === nextId) {
+          // Increase counter and check set in loop.
+          do {
+            this.streamIdUsedClientBidi = nextId as StreamId;
+            this.streamIdUsedSet.delete(nextId);
+            nextId += 4;
+          } while (this.streamIdUsedSet.has(nextId));
+          return false;
+        } else {
+          this.streamIdUsedSet.add(streamId);
+          return false;
+        }
       case 0b01:
-        if (streamId <= this.streamIdUsedServerBidi) return true;
-        this.streamIdUsedServerBidi = streamId;
-        return false;
+        nextId = this.streamIdUsedServerBidi + 4;
+        if (
+          streamId <= this.streamIdUsedServerBidi ||
+          this.streamIdUsedSet.has(streamId)
+        ) {
+          return true;
+        } else if (streamId === nextId) {
+          // Increase counter and check set in loop.
+          do {
+            this.streamIdUsedServerBidi = nextId as StreamId;
+            this.streamIdUsedSet.delete(nextId);
+            nextId += 4;
+          } while (this.streamIdUsedSet.has(nextId));
+          return false;
+        } else {
+          this.streamIdUsedSet.add(streamId);
+          return false;
+        }
       case 0b10:
-        if (streamId <= this.streamIdUsedClientUni) return true;
-        this.streamIdUsedClientUni = streamId;
-        return false;
+        nextId = this.streamIdUsedClientUni + 4;
+        if (
+          streamId <= this.streamIdUsedClientUni ||
+          this.streamIdUsedSet.has(streamId)
+        ) {
+          return true;
+        } else if (streamId === nextId) {
+          // Increase counter and check set in loop.
+          do {
+            this.streamIdUsedClientUni = nextId as StreamId;
+            this.streamIdUsedSet.delete(nextId);
+            nextId += 4;
+          } while (this.streamIdUsedSet.has(nextId));
+          return false;
+        } else {
+          this.streamIdUsedSet.add(streamId);
+          return false;
+        }
       case 0b11:
-        if (streamId <= this.streamIdUsedServerUni) return true;
-        this.streamIdUsedServerUni = streamId;
-        return false;
+        nextId = this.streamIdUsedServerUni + 4;
+        if (
+          streamId <= this.streamIdUsedServerUni ||
+          this.streamIdUsedSet.has(streamId)
+        ) {
+          return true;
+        } else if (streamId === nextId) {
+          // Increase counter and check set in loop.
+          do {
+            this.streamIdUsedServerUni = nextId as StreamId;
+            this.streamIdUsedSet.delete(nextId);
+            nextId += 4;
+          } while (this.streamIdUsedSet.has(nextId));
+          return false;
+        } else {
+          this.streamIdUsedSet.add(streamId);
+          return false;
+        }
       default:
         utils.never('got an unexpected ID type');
     }
diff --git a/tests/QUICStream.test.ts b/tests/QUICStream.test.ts
@@ -1,6 +1,12 @@
-import type { ClientCryptoOps, QUICConnection, ServerCryptoOps } from '@';
+import type {
+  ClientCryptoOps,
+  QUICConnection,
+  ServerCryptoOps,
+  StreamId,
+} from '@';
 import Logger, { formatting, LogLevel, StreamHandler } from '@matrixai/logger';
 import { destroyed } from '@matrixai/async-init';
+import { test, fc } from '@fast-check/jest';
 import * as events from '@/events';
 import * as errors from '@/errors';
 import * as utils from '@/utils';
@@ -2246,4 +2252,125 @@ describe(QUICStream.name, () => {
     await client.destroy({ force: true });
     await server.stop({ force: true });
   });
+  test.prop(
+    [
+      fc
+        .array(fc.integer({ min: 1 }), { minLength: 1000, maxLength: 2000 })
+        .noShrink(),
+    ],
+    { numRuns: 1 },
+  )('out of order Ids are handled properly', async (arr) => {
+    const size = arr.length;
+    const used: Set<number> = new Set();
+    const ids: Array<number> = [];
+    for (let num of arr) {
+      do {
+        num = (num + 1) % size;
+      } while (used.has(num));
+      ids.push(num);
+      used.add(num);
+    }
+
+    const connectionEventProm =
+      utils.promise<events.EventQUICServerConnection>();
+    const tlsConfig = await generateTLSConfig(defaultType);
+    const server = new QUICServer({
+      crypto: {
+        key,
+        ops: serverCrypto,
+      },
+      logger: logger.getChild(QUICServer.name),
+      config: {
+        key: tlsConfig.leafKeyPairPEM.privateKey,
+        cert: tlsConfig.leafCertPEM,
+        verifyPeer: false,
+      },
+    });
+    socketCleanMethods.extractSocket(server);
+    server.addEventListener(
+      events.EventQUICServerConnection.name,
+      (e: events.EventQUICServerConnection) => connectionEventProm.resolveP(e),
+    );
+    await server.start({
+      host: localhost,
+    });
+    const client = await QUICClient.createQUICClient({
+      host: localhost,
+      port: server.port,
+      localHost: localhost,
+      crypto: {
+        ops: clientCrypto,
+      },
+      logger: logger.getChild(QUICClient.name),
+      config: {
+        verifyPeer: false,
+      },
+    });
+    socketCleanMethods.extractSocket(client);
+    await connectionEventProm.p;
+
+    const checkId = (id: StreamId): boolean => {
+      // @ts-ignore: Using protected method
+      return client.connection.isStreamUsed(id);
+    };
+
+    for (const id of ids) {
+      expect(checkId(id as StreamId)).toBeFalse();
+    }
+    // @ts-ignore: using protected property
+    const usedIdSet = client.connection.streamIdUsedSet;
+    expect(usedIdSet.size).toBe(0);
+  });
+  test('out of order Ids are handled properly', async () => {
+    const connectionEventProm =
+      utils.promise<events.EventQUICServerConnection>();
+    const tlsConfig = await generateTLSConfig(defaultType);
+    const server = new QUICServer({
+      crypto: {
+        key,
+        ops: serverCrypto,
+      },
+      logger: logger.getChild(QUICServer.name),
+      config: {
+        key: tlsConfig.leafKeyPairPEM.privateKey,
+        cert: tlsConfig.leafCertPEM,
+        verifyPeer: false,
+      },
+    });
+    socketCleanMethods.extractSocket(server);
+    server.addEventListener(
+      events.EventQUICServerConnection.name,
+      (e: events.EventQUICServerConnection) => connectionEventProm.resolveP(e),
+    );
+    await server.start({
+      host: localhost,
+    });
+    const client = await QUICClient.createQUICClient({
+      host: localhost,
+      port: server.port,
+      localHost: localhost,
+      crypto: {
+        ops: clientCrypto,
+      },
+      logger: logger.getChild(QUICClient.name),
+      config: {
+        verifyPeer: false,
+      },
+    });
+    socketCleanMethods.extractSocket(client);
+    await connectionEventProm.p;
+
+    const checkId = (id: StreamId): boolean => {
+      // @ts-ignore: Using protected method
+      return client.connection.isStreamUsed(id);
+    };
+
+    expect(checkId(0 as StreamId)).toBeFalse();
+    expect(checkId(4 as StreamId)).toBeFalse();
+    expect(checkId(8 as StreamId)).toBeFalse();
+    expect(checkId(4 as StreamId)).toBeTrue();
+    expect(checkId(16 as StreamId)).toBeFalse();
+    expect(checkId(0 as StreamId)).toBeTrue();
+    expect(checkId(0 as StreamId)).toBeTrue();
+  });
 });
