Skip to content

fix: enforce MaxNameLength=253 on REGISTER (PILOT-275)#5

Merged
TeoSlayer merged 1 commit into
mainfrom
openclaw/pilot-275-20260530-021035
Jun 6, 2026
Merged

fix: enforce MaxNameLength=253 on REGISTER (PILOT-275)#5
TeoSlayer merged 1 commit into
mainfrom
openclaw/pilot-275-20260530-021035

Conversation

@matthew-pilot

Copy link
Copy Markdown
Collaborator

What

The nameserver RegisterN/RegisterA/RegisterS handlers accepted names of arbitrary length — a 64 KiB name stored in the in-memory map constituted a trivial memory-DoS vector.

Fix

Add MaxNameLength=253 (RFC 1035 maximum) and reject names exceeding it at handleRegister with an ERR name too long response.

Files changed:

  • records.go: +6 lines — MaxNameLength constant
  • server.go: +5 lines — boundary check in handleRegister
  • zz_coverage_test.go: updated characterization test → boundary + rejection tests

Verification

go build ./...   # ✅
go vet ./...     # ✅  
go test ./...    # ✅ (0.197s, all pass)

Closes PILOT-275

@codecov

codecov Bot commented May 30, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@matthew-pilot

Copy link
Copy Markdown
Collaborator Author

🦾 Matthew PR Status — #5

Title: fix: enforce MaxNameLength=253 on REGISTER (PILOT-275)
Status: OPEN | Mergeable: MERGEABLE
Author: @matthew-pilot (matthew-pilot bot)
Created: 2026-05-30T02:11:40Z
Branch: openclaw/pilot-275-20260530-021035main
Changes: +52/-11 across 3 files

Tickets

🔗 PILOT-275

Labels

None

Files Changed

  • records.go (+6)
  • server.go (+5)
  • zz_coverage_test.go (+41)

Next Actions

  • Explain: /pr explain #5 — detailed analysis
  • Canary retry: /pr retry-canary #5 (if CI failed)
  • Fix & update: /pr fix #5 <instructions>
  • Rebase: /pr rebase #5
  • Close: /pr close #5 <reason>

🦾 Auto-generated status check by matthew-pr-worker

@matthew-pilot

Copy link
Copy Markdown
Collaborator Author

🦾 Matthew PR Explain — #5

What this PR does

fix: enforce MaxNameLength=253 on REGISTER (PILOT-275)

Scope

  • Files: 3 files
  • Delta: +52/-11 lines
  • Labels: none
  • Mergeable: MERGEABLE

Tickets

🔗 PILOT-275

Files

  • records.go (+6/-0)
  • server.go (+5/-0)
  • zz_coverage_test.go (+41/-11)

Review Notes

  • This is an automated code-maintenance PR from matthew-pilot
  • Operator review required before merge
  • Check CI status and canary results above

🦾 Auto-generated explain by matthew-pr-worker

@matthew-pilot

Copy link
Copy Markdown
Collaborator Author

🦾 Matthew PR Check — #5 PILOT-275

Status

  • State: OPEN · MERGEABLE ✅
  • CI: 2/2 green (test ✅, codecov/patch ✅)
  • Files: 3 (+52/−11)
  • Branch: openclaw/pilot-275-20260530-021035
  • Canary: not-configured (nameserver)

@matthew-pilot

Copy link
Copy Markdown
Collaborator Author

🦾 Matthew Explains — #5 PILOT-275

What this does

Adds MaxNameLength=253 (RFC 1035 maximum) and rejects names exceeding it at the handleRegister gateway. The RegisterN/RegisterA/RegisterS handlers previously accepted names of arbitrary length — a 64 KiB name stored in the in-memory map was a trivial memory-DoS vector.

Files

  • records.go (+6): MaxNameLength constant
  • server.go (+5): boundary check in handleRegister
  • zz_coverage_test.go (+41/−11): characterization + boundary rejection tests

Risk

LOW — single boundary check in the register path; all three record types (A/N/S) covered by one gate. Tests pass. No wire-format change.

@matthew-pilot

Copy link
Copy Markdown
Collaborator Author

🤖 matthew-pr-worker — PR Status

PILOT-275: fix: enforce MaxNameLength=253 on REGISTER

Field Value
State OPEN
Mergeable ✅ MERGEABLE (clean)
Draft No
Branch openclaw/pilot-275-20260530-021035main
Files 3 files, +52/−11 (records.go, server.go, zz_coverage_test.go)
Labels (none)

CI Checks (2/2 passing)

Check Result
test ✅ pass
codecov/patch ✅ pass

🦾 matthew-pr-worker — auto-generated status

@matthew-pilot

Copy link
Copy Markdown
Collaborator Author

🤖 matthew-pr-worker — PR Explain

PILOT-275: fix: enforce MaxNameLength=253 on REGISTER

What this does

Adds a MaxNameLength=253 constant and enforces it in all REGISTER handlers (RegisterN, RegisterA, RegisterS) so names exceeding 253 bytes are rejected with a clear error.

The problem

The nameserver REGISTER endpoints accepted names of arbitrary length without validation. An attacker (or buggy client) could store a 64 KiB name in the in-memory map, which is a trivial memory-DoS vector.

The fix

1. New constant (MaxNameLength = 253)

  • Defined in records.go
  • 253 bytes matches the DNS label length limit

2. Validation in all three register handlers

  • RegisterN, RegisterA, RegisterS in server.go now check len(name) > MaxNameLength
  • Return a descriptive error instead of storing oversized names

3. Coverage tests (zz_coverage_test.go)

  • Tests for names at the limit (253) and one byte over (254)

Risk assessment

  • Breaking change? No — previously valid oversized names are now rejected, but oversized names were a bug vector, not a supported feature
  • Performance: Negligible — single length check per register call
  • CI: 2/2 ✅

🦾 matthew-pr-worker — auto-generated explanation

The RegisterN/RegisterA/RegisterS handlers accepted names of
arbitrary length — a 64 KiB name stored in the in-memory map
constituted a trivial memory-DoS vector (any registered peer
could send one REGISTER N line).

Add MaxNameLength=253 (RFC 1035 maximum) and reject names that
exceed it at the handleRegister gateway with an ERR response.
The store functions are left unchanged; the single boundary check
in handleRegister covers all three record types (A/N/S).

Closes PILOT-275
@TeoSlayer TeoSlayer force-pushed the openclaw/pilot-275-20260530-021035 branch from 0b01188 to 3a86939 Compare June 6, 2026 08:33
@TeoSlayer TeoSlayer merged commit d81a923 into main Jun 6, 2026
2 checks passed
@TeoSlayer TeoSlayer deleted the openclaw/pilot-275-20260530-021035 branch June 6, 2026 08:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants