Skip to content

Pipe: Refactor AirGap receiver with configurable payload size control#17443

Open
luoluoyuyu wants to merge 7 commits intoapache:masterfrom
luoluoyuyu:fix/airgap-receiver-payload-guard
Open

Pipe: Refactor AirGap receiver with configurable payload size control#17443
luoluoyuyu wants to merge 7 commits intoapache:masterfrom
luoluoyuyu:fix/airgap-receiver-payload-guard

Conversation

@luoluoyuyu
Copy link
Copy Markdown
Member

@luoluoyuyu luoluoyuyu commented Apr 8, 2026
edited
Loading

This PR has:

  • been self-reviewed.
    • concurrent read
    • concurrent write
    • concurrent read and write
  • added documentation for new or modified features or behaviors.
  • added Javadocs for most classes and all non-trivial methods.
  • added or updated version, license, or notice information
  • added comments explaining the "why" and the intent of the code wherever would not be obvious
    for an unfamiliar reader.
  • added unit tests or modified existing tests to cover new code paths, ensuring the threshold
    for code coverage.
  • added integration tests.
  • been tested in a test IoTDB cluster.
Key changed/added classes (or packages if there are too many classes) in this PR

@luoluoyuyu
Pipe: add hot-reloadable AirGap payload size guard to mitigate DoS risk.
33d484a 
Introduce a dedicated AirGap receiver payload limit in the pipe config and enforce it before request buffer allocation, so oversized payloads are rejected early and memory pressure is bounded under malicious or malformed inputs.

Made-with: Cursor
@luoluoyuyu
update
689cd78
@luoluoyuyu
update
280b679
@luoluoyuyu luoluoyuyu changed the title Pipe: add hot-reloadable AirGap payload size guard to mitigate DoS risk. Pipe: Refactor AirGap receiver with configurable payload size control Apr 8, 2026
jt2594838
jt2594838 approved these changes Apr 8, 2026
View reviewed changes
...ode/src/main/java/org/apache/iotdb/db/pipe/receiver/protocol/airgap/IoTDBAirGapReceiver.java Outdated
Comment on lines 95 to 105
if (!socket.isClosed()) {
socket.close();
}
} finally {
// session will be closed and removed here
PipeDataNodeAgent.receiver().thrift().handleClientExit();
socket.close();
if (!socket.isClosed()) {
socket.close();
}
}
}
Copy link
Copy Markdown
Contributor

@jt2594838 jt2594838 Apr 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is the close above redundant?

Copy link
Copy Markdown
Member Author

@luoluoyuyu luoluoyuyu Apr 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

@jt2594838
Copy link
Copy Markdown
Contributor

jt2594838 commented Apr 8, 2026

May add a test

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jt2594838 jt2594838 jt2594838 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@luoluoyuyu @jt2594838