feat(stdio): Phase 7 - Stream backpressure and memory caps#76
Open
shleder wants to merge 1 commit into
Open
Conversation
- Await drain on stdin: pause clientInterface readline when targetProcess.stdin.write() returns false, resume on drain event - Await drain on stdout: pause targetInterface when output.write() returns false, resume on drain event via waitForOutputDrain() - Memory caps: add sliding-window throughput limiter (50MB/s default, configurable via MCP_STDIO_MAX_THROUGHPUT_BPS) that pauses the respective readline when exceeded - Clean maps: failAllPending() now snapshots entries and calls pendingRequests.clear() atomically before iterating; clearPendingRequest() uses delete-first pattern to prevent race conditions during teardown Co-authored-by: Shleder <230892287+shleder@users.noreply.github.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request was created by @kiro-agent on behalf of @shleder 👻
Comment with /kiro fix to address specific feedback or /kiro all to address everything.
Learn about Kiro autonomous agent
Summary
Implements Phase 7 (Stdio Transport Stability) from the audit plan. Hardens
src/stdio/proxy.tsagainst unbounded Node.js stream buffering and buffer overflow attacks.Changes
1. Await Drain on Stdin
targetProcess.stdin.write().false, pausesclientInterfacereadline and registers a one-time'drain'listener on target stdin to resume.STDIO_TARGET_BACKPRESSUREaudit log entry.2. Await Drain on Stdout
writeRawJson()now checks the return value ofoutput.write().targetInterface(response readline) and awaits the'drain'event before processing further target output.3. Memory Caps (Throughput Limiter)
MCP_STDIO_MAX_THROUGHPUT_BPSenvironment variable.4. Clean Maps (Race Condition Prevention)
failAllPending()now snapshots all entries, callspendingRequests.clear()atomically, then iterates the snapshot to clear timeouts and write error responses. This prevents race conditions where new entries could be added during iteration and then incorrectly deleted.clearPendingRequest()now uses a delete-first pattern: deletes from map immediately, then clears the timeout if the entry existed.Validation
tsc --noEmit: no new errors introduced by this change (all remaining errors are pre-existing missing@types/nodedue to absentnode_modules).Limitations
npm run typecheckcannot pass cleanly withoutnpm install(blocked by "Repository access only" network mode). The errors specific to this file were verified to be exclusively pre-existing infrastructure issues (missing type declarations for Node.js globals).