object: Limit header length to 16KB

Previously, NeoFS used 4MB as object header's length limit. The value originally resulted from the default max gRPC message length. Now header length can be up to 16KB only. To ensure the safety of data uploaded before the restriction was introduced, this limit does not apply to intra-container replication. Refs nspcc-dev/neofs-api#262. Signed-off-by: Leonard Lyubich <[email protected]>
nspcc-dev · Feb 22, 2024 · 1c5dd30 · 1c5dd30
1 parent d54311b
commit 1c5dd30
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -9,6 +9,7 @@ Changelog for NeoFS Node
 - Inability to deploy contract with non-standard zone via neofs-adm
 
 ### Changed
+- Storage nodes no longer accept objects with header larger than 16KB (#xxx)
 
 ### Removed
 

diff --git a/pkg/core/object/fmt.go b/pkg/core/object/fmt.go
@@ -12,6 +12,13 @@ import (
 	"github.com/nspcc-dev/neofs-sdk-go/storagegroup"
 )
 
+// MaxHeaderLen is a maximum allowed length of binary object header to be
+// created via NeoFS API protocol.
+const MaxHeaderLen = 16 << 10
+
+// ErrMaxHeaderLenExceeded is returned when [MaxHeaderLen] is exceeded.
+var ErrMaxHeaderLenExceeded = errors.New("max object header length exceeded")
+
 // FormatValidator represents an object format validator.
 type FormatValidator struct {
 	*cfg

diff --git a/pkg/services/object/acl/v2/service.go b/pkg/services/object/acl/v2/service.go
@@ -8,6 +8,7 @@ import (
 	objectV2 "github.com/nspcc-dev/neofs-api-go/v2/object"
 	"github.com/nspcc-dev/neofs-node/pkg/core/container"
 	"github.com/nspcc-dev/neofs-node/pkg/core/netmap"
+	objectcore "github.com/nspcc-dev/neofs-node/pkg/core/object"
 	"github.com/nspcc-dev/neofs-node/pkg/services/object"
 	apistatus "github.com/nspcc-dev/neofs-sdk-go/client/status"
 	"github.com/nspcc-dev/neofs-sdk-go/container/acl"
@@ -516,6 +517,14 @@ func (p putStreamBasicChecker) Send(request *objectV2.PutRequest) error {
 			return err
 		}
 
+		// if not a replication request, check max header size
+		if reqInfo.requestRole != acl.RoleContainer || request.GetMetaHeader().GetTTL() != 1 {
+			hdrLen := part.GetHeader().StableSize()
+			if hdrLen > objectcore.MaxHeaderLen {
+				return fmt.Errorf("%w: %d>%d", objectcore.ErrMaxHeaderLenExceeded, hdrLen, objectcore.MaxHeaderLen)
+			}
+		}
+
 		reqInfo.obj = obj
 
 		if !p.source.checker.CheckBasicACL(reqInfo) || !p.source.checker.StickyBitCheck(reqInfo, idOwner) {