Skip to content

fix(mcp): cap tool response size to prevent OOM#66

Merged
aksOps merged 1 commit into
mainfrom
fix/mcp-response-byte-cap
Apr 28, 2026
Merged

fix(mcp): cap tool response size to prevent OOM#66
aksOps merged 1 commit into
mainfrom
fix/mcp-response-byte-cap

Conversation

@aksOps

@aksOps aksOps commented Apr 28, 2026

Copy link
Copy Markdown
Contributor

Summary

PR D of 6. Closes the MCP OOM vector identified by codex round 1: tools that marshal full payloads (`get_trace`, `get_graph_snapshot`, `correlated_signals`, `get_system_graph`) had no byte cap. A 50k-span trace or large snapshot would produce 100MB+ JSON, OOM the process, and stall every concurrent MCP call until `MCP_CALL_TIMEOUT_MS` fires.

  • New constant `MaxToolResponseBytes = 4 MiB`
  • Enforced inside `textResult()` so the cap covers all 22 marshal-then-textResult sites uniformly
  • Over-cap responses convert to a structured error with actionable hint ("narrow time range or use pagination")

Test plan

  • `go test -count=1 ./internal/mcp/...` → 68 passed (was 63, +5 new)
  • Coverage: under-cap pass-through, exactly-at-cap pass-through, over-cap errors with marker + hint, empty text safe
  • Existing tools (search_logs at 200 rows, etc.) are well under 4 MiB so no behavior change for normal traffic

🤖 Generated with Claude Code

@aksOps @claude
fix(mcp): cap tool response size to prevent OOM on adversarial input
1f348a8 
Several MCP tools (get_trace, get_graph_snapshot, correlated_signals,
get_system_graph) marshal full DB/graph payloads with no row cap. A
trace with 50k spans or a large snapshot can produce a 100 MB+ JSON
response that OOMs the process and stalls every concurrent MCP call
until MCP_CALL_TIMEOUT_MS fires.

Adds MaxToolResponseBytes = 4 MiB enforced inside textResult() so the
cap covers all 22 marshal-then-textResult sites uniformly. Over-cap
responses convert to a structured error pointing operators at
pagination / time-range narrowing.

Tests cover: under-cap passes through, exactly-at-cap passes,
over-cap errors with actionable hint, empty text is fine.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@sonarqubecloud

sonarqubecloud Bot commented Apr 28, 2026

Copy link
Copy Markdown

Quality Gate Passed Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@aksOps aksOps merged commit 304d5bd into main Apr 28, 2026
17 checks passed
@aksOps aksOps deleted the fix/mcp-response-byte-cap branch April 28, 2026 07:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@aksOps