core-lead/molecule-core
1
0
Fork 0
forked from molecule-ai/molecule-core
Code Pull Requests Activity
1e30386aec
molecule-core/workspace-server/internal/provisioner
History
Hongming Wang 0a06cb4fc9 fix(cp_provisioner): cap IsRunning body read at 64 KiB 
IsRunning used an unbounded json.NewDecoder(resp.Body).Decode on
CP status responses. Start already caps its body read at 64 KiB
(cp_provisioner.go:137) to defend against a misconfigured or
compromised CP streaming a huge body and exhausting memory.

IsRunning is called reactively per-request from a2a_proxy and
periodically from healthsweep, so it's a hotter path than Start
and arguably deserves the same defense more.

Adds TestIsRunning_BoundedBodyRead that serves a body padded past
the cap and asserts the decode still succeeds on the JSON prefix.

Follow-up to code-review Nit-2 on #1073.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-20 09:06:20 -07:00
..
cp_provisioner_test.go fix(cp_provisioner): cap IsRunning body read at 64 KiB 2026-04-20 09:06:20 -07:00
cp_provisioner.go fix(cp_provisioner): cap IsRunning body read at 64 KiB 2026-04-20 09:06:20 -07:00
isrunning_test.go chore: open-source restructure — rename dirs, remove internal files, scrub secrets 2026-04-18 00:24:44 -07:00
provisioner_test.go chore: final open-source cleanup — binary, stale paths, private refs 2026-04-18 00:38:55 -07:00
provisioner.go chore: final open-source cleanup — binary, stale paths, private refs 2026-04-18 00:38:55 -07:00