From 1ffb8a92cd38c7ee2e8909f5dec6f5832d3bf520 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=A3=8E=E6=89=87=E6=BB=91=E7=BF=94=E7=BF=BC?=
 <Fangliding.fshxy@outlook.com>
Date: Mon, 11 Nov 2024 12:20:54 +0800
Subject: [PATCH] Sniff: Prevent crash on QUIC sniffer panic (#3978)

Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
---
 common/protocol/quic/sniff.go | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/common/protocol/quic/sniff.go b/common/protocol/quic/sniff.go
index 8719a085..779e291b 100644
--- a/common/protocol/quic/sniff.go
+++ b/common/protocol/quic/sniff.go
@@ -1,6 +1,7 @@
 package quic
 
 import (
+	"context"
 	"crypto"
 	"crypto/aes"
 	"crypto/tls"
@@ -46,7 +47,18 @@ var (
 	errNotQuicInitial = errors.New("not initial packet")
 )
 
-func SniffQUIC(b []byte) (*SniffHeader, error) {
+func SniffQUIC(b []byte) (resultReturn *SniffHeader, errorReturn error) {
+	// In extremely rare cases, this sniffer may cause slice error
+	// and we set recover() here to prevent crash.
+	// TODO: Thoroughly fix this panic
+	defer func() {
+		if r := recover(); r != nil {
+			errors.LogError(context.Background(), "Failed to sniff QUIC: ", r)
+			resultReturn = nil
+			errorReturn = common.ErrNoClue
+		}
+	}()
+
 	// Crypto data separated across packets
 	cryptoLen := 0
 	cryptoData := bytespool.Alloc(int32(len(b)))