docs: add 1 KB padding limit to Auth.padding and Welcome.padding#49
Open
VasilevNStas wants to merge 1 commit into
Open
docs: add 1 KB padding limit to Auth.padding and Welcome.padding#49VasilevNStas wants to merge 1 commit into
VasilevNStas wants to merge 1 commit into
Conversation
Contributor
Author
Member
|
@VasilevNStas we have merge conflicts here, please resolve them and we'll merge |
VasilevNStas
force-pushed
the
18-docs/padding-size-limit
branch
from
July 4, 2026 17:56
748a27d to
fac3b85
Compare
Contributor
Author
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Documents a maximum size of 1024 bytes for both
Auth.paddingandWelcome.padding. No wire changes.Problem
Auth.padding(field 6) had no stated upper bound, making proto3's default 64 MB message size ceiling the de-facto limit. Since the Node must deserialise the full Auth message before it can verify the HMAC (field 3), an unauthenticated peer could force a 64 MB pre-HMAC allocation per attempt.Welcome.paddinghad the same unbounded bytes type.Changes
Auth.padding: "MUST NOT exceed 1024 bytes. The Node SHOULD enforce this ceiling as a raw-wire length check before deserialising the message, so that an unauthenticated peer cannot force a large pre-HMAC allocation."Welcome.padding: "MUST NOT exceed 1024 bytes."Migration
Nodes should add a raw-wire length check on the incoming Auth frame before protobuf deserialisation, rejecting any frame whose padding exceeds 1024 bytes. The exact limit can be tuned without a proto change since this is an implementation contract, not a wire format change.
Closes #18