Skip to content

Handle large DiagnosticsIPC ProcessInfo payloads gracefully#129994

Merged
tommcdon merged 1 commit into
dotnet:mainfrom
tommcdon:dev/tommcdon/ds-ipc-large-payload-handling
Jun 30, 2026
Merged

Handle large DiagnosticsIPC ProcessInfo payloads gracefully#129994
tommcdon merged 1 commit into
dotnet:mainfrom
tommcdon:dev/tommcdon/ds-ipc-large-payload-handling

Conversation

@tommcdon

Copy link
Copy Markdown
Member

Compute the ProcessInfo/ProcessInfo2/ProcessInfo3/env-info and generate-core-dump response payload sizes in a wide type and return failure when the header plus payload would not fit in the uint16_t message-size field, instead of truncating the length. The *_payload_get_size helpers now return bool with a uint16_t out parameter, and ipc_message_flatten computes the total length in a size_t and fails when it exceeds the representable range.

Compute the ProcessInfo/ProcessInfo2/ProcessInfo3/env-info and
generate-core-dump response payload sizes in a wide type and return
failure when the header plus payload would not fit in the uint16_t
message-size field, instead of truncating the length. The
*_payload_get_size helpers now return bool with a uint16_t out
parameter, and ipc_message_flatten computes the total length in a
size_t and fails when it exceeds the representable range.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@tommcdon tommcdon added this to the 11.0.0 milestone Jun 29, 2026
@tommcdon tommcdon self-assigned this Jun 29, 2026
Copilot AI review requested due to automatic review settings June 29, 2026 18:27
@dotnet-policy-service

Copy link
Copy Markdown
Contributor

Tagging subscribers to this area: @steveisok, @tommcdon, @dotnet/dotnet-diag
See info in area-owners.md if you want to be subscribed.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates Diagnostics IPC message construction to prevent silent truncation when response payloads are large, by computing sizes in wider types and failing when the header+payload can’t fit in the protocol’s uint16_t message-size field.

Changes:

  • Add a shared helper to validate/narrow payload sizes to a uint16_t while accounting for the IPC header size.
  • Update ipc_message_flatten to compute total message length using size_t and fail when it exceeds UINT16_MAX.
  • Update ProcessInfo/EnvironmentInfo and GenerateCoreDump response payload size helpers to bool + out uint16_t and adjust callers accordingly.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.

File Description
src/native/eventpipe/ds-protocol.h Adds ds_ipc_payload_size_try_narrow helper to validate/narrow payload sizes for IPC messages.
src/native/eventpipe/ds-protocol.c Computes message length in size_t and errors out if it won’t fit in the uint16_t message-size field.
src/native/eventpipe/ds-process-protocol.c Updates ProcessInfo/EnvInfo payload size computation to use the new narrowing helper and propagates failure to callers.
src/native/eventpipe/ds-dump-protocol.c Updates GenerateCoreDump response payload size computation to use the narrowing helper and short-circuit on overflow.

Comment thread src/native/eventpipe/ds-protocol.h
Comment thread src/native/eventpipe/ds-protocol.c
Comment thread src/native/eventpipe/ds-process-protocol.c

@lateralusX lateralusX left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@tommcdon tommcdon enabled auto-merge (squash) June 30, 2026 12:40
@tommcdon tommcdon merged commit 0d81a59 into dotnet:main Jun 30, 2026
139 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants