Enforce API payload size limits and query result caps (#1630)#1925
Open
AkramBitar wants to merge 1 commit into
Open
Enforce API payload size limits and query result caps (#1630)#1925AkramBitar wants to merge 1 commit into
AkramBitar wants to merge 1 commit into
Conversation
AkramBitar
marked this pull request as draft
July 15, 2026 14:06
…1630) Signed-off-by: AkramBitar <[email protected]>
AkramBitar
force-pushed
the
feature/1630-api-payload-and-query-bounds
branch
from
July 16, 2026 14:18
a177bc5 to
2a4b101
Compare
AkramBitar
marked this pull request as ready for review
July 16, 2026 14:32
Contributor
|
Hi @AkramBitar , thanks for submitting this. My concern is the following: The storage service has many queries that would require similar constraints. Right now, this opts-based approach works only for the Transactions db. I would suggest to perform an analysis of the entire storage service to understand which limits need to be put in place and then design a flexible solution to address the issues. A wrapper-based solution could also be interested so that we can stack different layers on top of each other each perform a different function and the bottom one running the actual SQL query. What do you think? Thanks 🙏 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add size limits to the SQL transaction-store so one huge write or one unlimited query can't overload the database. Fixes the [MED] issue #1630 (denial of service from unlimited resource use, CWE-400 / CWE-770).
AddTokenRequest/AddTransaction/AddMovementreject payloads bigger than a max size (default 4 MiB; 0 turns it off).QueryTransactionsmust be given a page size (nil/None are rejected);QueryTokenRequestsalways adds aLIMIT(default 1000 rows).QueryMovementsis left alone because it is used for balance totals.token.storage.maxPayloadSize/maxPageSize) or with theWithMax*options.Note for the reviewer
This changes behaviour on upgrade, so it needs a release note:
QueryTransactionscannot be turned off. SettingmaxPageSize: 0only removes the row limit; it still rejectsnil/None. Any caller that passednilto read everything now gets an error and must page instead (seecollectAllTransactions/checks.go).Closes #1630.