PVA: harden handling of protocol sizes#3878
Open
kasemir wants to merge 2 commits into
Open
Conversation
added 2 commits
July 10, 2026 13:48
Protocol handling was prone to memory exhaustion because of this pattern: ``` int count = buffer.getInteger(); Whatever[] data = new Whatever[count]; .. then read data from buffer ``` A misconfigured package can contain a huge `count`. This update checks the `count` against the remaining package size, refusing packets that are obviously too small or rather the `count` is obviously too large for the packet size. Along the same lines, one could introduce an upper packet size limit similar to `EPICS_CA_MAX_ARRAY_BYTES` in channel access, but at this time, confirmed in a 2026-07-10 EPICS core telecon, PVA does not impose any such size limits, using all available memory.
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.


Protocol handling was prone to memory exhaustion because of this pattern:
A misconfigured package can contain a huge
count. This update checks thecountagainst the remaining package size, refusing packets that are obviously too small or rather thecountis obviously too large for the packet size.Along the same lines, one could introduce an upper packet size limit similar to
EPICS_CA_MAX_ARRAY_BYTESin channel access, but at this time, confirmed in a 2026-07-10 EPICS core telecon, PVA does not impose any such size limits, using all available memory.