Skip to content

Add inbound message size validation#1821

Open
AkramBitar wants to merge 1 commit into
mainfrom
feature/incoming-message-size-limits
Open

Add inbound message size validation#1821
AkramBitar wants to merge 1 commit into
mainfrom
feature/incoming-message-size-limits

Conversation

@AkramBitar

Copy link
Copy Markdown
Contributor

Add a max message-size check at the one place all inbound messages pass through (ReceiveRawWithTimeout), so signature replies, auditor payloads, and distribution acks are rejected before deserialization. Oversized payloads fail fast with ErrMessageTooLarge; malformed ones are still caught by the existing envelope validation. Default limit 100 MiB, configurable.

@AkramBitar AkramBitar self-assigned this Jun 25, 2026
@AkramBitar AkramBitar added this to the Q3/26 milestone Jun 25, 2026
@AkramBitar AkramBitar marked this pull request as draft June 25, 2026 17:05
@AkramBitar AkramBitar linked an issue Jun 25, 2026 that may be closed by this pull request
@AkramBitar AkramBitar force-pushed the feature/incoming-message-size-limits branch from 94226b5 to cad0e2f Compare June 25, 2026 17:24
@AkramBitar AkramBitar marked this pull request as ready for review June 25, 2026 17:27
@AkramBitar AkramBitar requested review from HayimShaul and adecaro June 25, 2026 17:28
Signed-off-by: AkramBitar <akram@il.ibm.com>
@AkramBitar AkramBitar force-pushed the feature/incoming-message-size-limits branch from cad0e2f to 5898dc6 Compare June 30, 2026 09:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Validate and Bound Incoming Message Sizes [MED]

2 participants