fix: integer overflow panic in SniffQUIC

[kastov]

Fix integer overflow panic in SniffQUIC.

Details

goroutine 14860334692 [running]:
github.com/xtls/xray-core/common/buf.(*Buffer).BytesRange(...)
        github.com/xtls/xray-core/common/buf/buffer.go:167
github.com/xtls/xray-core/common/protocol/quic.SniffQUIC({0xc0a4ef2000, 0x63, 0x8000})
        github.com/xtls/xray-core/common/protocol/quic/sniff.go:231 +0x2005
github.com/xtls/xray-core/app/dispatcher.NewSniffer.func4({0xc19ac0a998?, 0x8?}, {0xc0a4ef2000?, 0x0?, 0x0?})
        github.com/xtls/xray-core/app/dispatcher/sniffer.go:42 +0x25
github.com/xtls/xray-core/app/dispatcher.(*Sniffer).Sniff(0xc0bd9538f0, {0x19a0090, 0xc2235fc300}, {0xc0a4ef2000, 0x63, 0x8000}, 0x3)
        github.com/xtls/xray-core/app/dispatcher/sniffer.go:66 +0xc6
github.com/xtls/xray-core/app/dispatcher.sniffer.func1(...)
        github.com/xtls/xray-core/app/dispatcher/default.go:426
github.com/xtls/xray-core/app/dispatcher.sniffer({0x19a0090, 0xc2235fc300}, 0xc2235fc480, 0x0, 0x3)
        github.com/xtls/xray-core/app/dispatcher/default.go:443 +0x64c
github.com/xtls/xray-core/app/dispatcher.(*DefaultDispatcher).Dispatch.func1()
        github.com/xtls/xray-core/app/dispatcher/default.go:314 +0x130
created by github.com/xtls/xray-core/app/dispatcher.(*DefaultDispatcher).Dispatch in goroutine 14860334690
        github.com/xtls/xray-core/app/dispatcher/default.go:309 +0x59b
panic: runtime error: slice bounds out of range [:-2147483648]

[RPRX]

是对于 https://github.com/XTLS/Xray-core/security/advisories/GHSA-hrp5-2rwj-wvmv 的修复吗？

[Fangliding]

是对于 https://github.com/XTLS/Xray-core/security/advisories/GHSA-hrp5-2rwj-wvmv 的修复吗？

应该是 不过这个link别人看不到
我重写了个pr避免以后这种可能的奇怪非法数据包

[RPRX]

应该是 不过这个link别人看不到

他们在邮件中提到了这个，应该是自己人报告的