Reject oversized data messages before they break the data channel#1137
Open
cnderrauber wants to merge 3 commits into
Open
Reject oversized data messages before they break the data channel#1137cnderrauber wants to merge 3 commits into
cnderrauber wants to merge 3 commits into
Conversation
Sending a data message larger than the negotiated SCTP max message size made libwebrtc abruptly close the publisher data channel. Because DataChannelInterface::Send returns true regardless, publish_data() returned Ok while the channel was silently torn down; every subsequent publish then failed with "could not establish publisher connection: timeout" (15s each) since the channel is never recreated once has_published is set. - Parse the negotiated max message size from the publisher answer SDP (RFC 8841 a=max-message-size), defaulting to 65535 when absent. - Reject packets whose encoded size exceeds it in publish_data(), returning an error to the caller instead of silently aborting the channel. A value of 0 means "no limit". - Log an info when a publisher data channel closes while the session and peer connection are still up (the signature of this failure), without attempting renegotiation.
Contributor
ChangesetThe following package versions will be affected by this PR:
|
ladvoc
reviewed
Jun 5, 2026
| return; | ||
| }; | ||
| if !inner.closed.load(Ordering::Acquire) && inner.publisher_pc.is_connected() { | ||
| log::info!( |
Contributor
There was a problem hiding this comment.
suggestion: This should probably be logged at error level.
| // Log when a publisher data channel closes without the engine or peer | ||
| // connection tearing it down | ||
| for (dc, label) in | ||
| [(&inner.reliable_dc, RELIABLE_DC_LABEL), (&inner.lossy_dc, LOSSY_DC_LABEL)] |
Contributor
There was a problem hiding this comment.
suggestion: For completeness, this should probably also track the data track DC.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Sending a data message larger than the negotiated SCTP max message size made libwebrtc abruptly close the publisher data channel. Because DataChannelInterface::Send returns true regardless, publish_data() returned Ok while the channel was silently torn down; every subsequent publish then failed with "could not establish publisher connection: timeout" (15s each) since the channel is never recreated once has_published is set.