Context Navigation

← Previous Ticket
Next Ticket →

Opened at 2023-01-10T16:05:40Z

Closed at 2023-03-10T16:13:19Z

#3965 closed enhancement (fixed)

Use better max encodings for CBOR messages

Reported by:	itamarst	Owned by:	GitHub <noreply@…>
Priority:	normal	Milestone:	HTTP Storage Protocol
Component:	unknown	Version:	n/a
Keywords:		Cc:
Launchpad Bug:

Description

CBOR decoding can now choose what a reasonable max size is on a case by case basis, so we should take advantage of that.

For example, the allocate_buckets message should probably never be more than 1kB (limited number of shares, and you'd need an absolutely absurdly huge file for the encoded size to get even close to 1kB). whereas advise_corrupt_share_immutable accepts some semi-arbitrary text so being a bit more generous and accepting something like 64kB makes sense.

Change History (1)

comment:1 Changed at 2023-03-10T16:13:19Z by GitHub <noreply@…>

Owner set to GitHub <noreply@…>
Resolution set to fixed
Status changed from new to closed

In 374d2fc/trunk:

Merge pull request #1266 from tahoe-lafs/3965.better-max-size

Add more restrictive CBOR content limits to server

Fixes: ticket:3965

Note: See TracTickets for help on using tickets.

Download in other formats: