fix(sources): cap decompressed body to prevent OOM#25488
Open
pront wants to merge 7 commits into
Open
Conversation
The shared decompress_body helper used by http_server, prometheus_remote_write, prometheus_pushgateway, heroku_logs, and the opentelemetry HTTP receiver previously read the gzip/deflate/zstd/snappy output into an unbounded Vec. A single unauthenticated POST with a small compressed bomb could OOM-kill the Vector process. Cap the decompressed payload at 100 MiB and return HTTP 413 when exceeded. gzip/deflate/zstd are wrapped with io::Take; snappy is rejected up front via snap::raw::decompress_len before allocating. Also short-circuit at the warp layer when the declared Content-Length already exceeds the cap. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
github-actions
Bot
added
the
domain: sources
decompress_body is pub, but DEFAULT_MAX_DECOMPRESSED_BODY_SIZE and decompress_body_with_limit are pub(crate). The intra-doc link lint fails CI under #![deny(warnings)] when public docs reference private items. Inline the 100 MiB number in the doc comment instead. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 9d3730c100
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
decompress_body(shared byhttp_server,prometheus_remote_write,prometheus_pushgateway,heroku_logs, and theopentelemetryHTTP receiver) decoded gzip/deflate/zstd/snappy request bodies into an unboundedVec. A single unauthenticated POST with a small compressed bomb could OOM-kill Vector in a fraction of a second.This PR caps both the aggregated request body and decompressed payload at 100 MiB and returns HTTP 413 when exceeded. The raw-body cap is enforced while streaming the request body, so chunked or missing-
Content-Lengthrequests cannot bypass the limit. The cap is a constant for now; a follow-up can expose it as a config field if needed.Vector configuration
No configuration changes.
How did you test this PR?
Unit tests in
encoding.rs, including gzip/snappy/zstd/identity limit cases and bounded streaming body collection cases, plus an end-to-end test inhttp_serverthat streams a 200 MiB gzip bomb fixture without allocating the plaintext and asserts a 413 response.Future work
Change Type
Is this a breaking change?
Does this PR include user facing changes?