From bb266f6899845ce164ae5bc972fa35d8a275eb00 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=CE=A3rebe=20-=20Romain=20GERARD?= <erebe@erebe.eu>
Date: Fri, 7 Jun 2024 21:25:05 +0200
Subject: [PATCH] fix(#287): Clamp max websocket message size to 32MB

---
 src/tunnel/transport/websocket.rs | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/tunnel/transport/websocket.rs b/src/tunnel/transport/websocket.rs
index 8b1a335..f49a12e 100644
--- a/src/tunnel/transport/websocket.rs
+++ b/src/tunnel/transport/websocket.rs
@@ -53,10 +53,12 @@ impl TunnelWrite for WebsocketTunnelWrite {
         }
 
         // If the buffer has been completely filled with previous read, Grows it !
-        // For the buffer to not be a bottleneck when the TCP window scale
-        // For udp, the buffer will never grows.
+        // For the buffer to not be a bottleneck when the TCP window scale.
+        // We clamp it to 32Mb to avoid unbounded growth and as websocket max frame size is 64Mb by default
+        // For udp, the buffer will never grow.
+        const _32_MB: usize = 32 * 1024 * 1024;
         buf.clear();
-        if buf.capacity() == read_len {
+        if buf.capacity() == read_len && buf.capacity() < _32_MB {
             let new_size = buf.capacity() + (buf.capacity() / 4); // grow buffer by 1.25 %
             buf.reserve(new_size);
             trace!(