From 1a3368d379f99f59aac95106b5913f14a9ba98a6 Mon Sep 17 00:00:00 2001
From: Kazi Sabbir <169386380+kazisabu@users.noreply.github.com>
Date: Thu, 14 May 2026 20:38:17 +0600
Subject: [PATCH] Update server.go
---
 gnoi/os/server.go | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/gnoi/os/server.go b/gnoi/os/server.go
index 98320336..0d24c486 100644
--- a/gnoi/os/server.go
+++ b/gnoi/os/server.go
@@ -25,6 +25,9 @@ import (
 )
 var receiveChunkSizeAck uint64 = 12000000
+// maxOSImageSize limits the maximum size of an OS image accepted by ReceiveOS
+// to prevent unbounded memory allocation (DoS).
+const maxOSImageSize = 1 << 30 // 1GB
 // Server is an OS Management service.
 type Server struct {
@@ -179,6 +182,9 @@ func ReceiveOS(stream pb.OS_InstallServer) (*bytes.Buffer, error) {
 switch in.Request.(type) {
 case *pb.InstallRequest_TransferContent:
 bb.Write(in.GetTransferContent())
+ if bb.Len() > maxOSImageSize {
+ return nil, errors.New("OS image exceeds maximum size")
+ }
 case *pb.InstallRequest_TransferEnd:
 log.V(1).Info("InstallRequest:\n", proto.MarshalTextString(in))
 return bb, nil
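Review bot: The comment on `maxOSImageSize` overstates what the constant guarantees: as used in ReceiveOS it caps the buffer of one stream, so total memory can still reach the cap multiplied by the number of concurrent Install streams, assuming the buffer is allocated per call (its declaration is not visible here). `1 << 30` is also 1 GiB rather than 1 GB. I would word it as `// maxOSImageSize caps the bytes ReceiveOS buffers for a single Install stream (1 GiB); it does not bound memory across concurrent streams.` and confirm that holding 1 GiB in RAM per stream is acceptable on the target device.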
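Review bot: The size check in the `TransferContent` case runs after `bb.Write`, so the chunk that crosses the limit is already copied into the buffer before the stream is rejected; test first with `if bb.Len()+len(in.GetTransferContent()) > maxOSImageSize {` and write only when it passes. The patch adds six lines and no import, so `errors` must already be imported in server.go for this to build, which the hunk does not show. A plain `errors.New` will probably reach the client without a meaningful status code; if the file already uses gRPC status errors, something like `status.Error(codes.ResourceExhausted, "OS image exceeds maximum size")` would let clients and logs tell an oversized image apart from other failures. ReceiveOS starts and ends outside the hunk.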