Commit 5cc49d5
* Reject zero-length TCP messages to prevent connection slot abuse
Zero-length messages (4-byte header of all zeros) were silently
accepted as valid, keeping the connection alive. An attacker could
hold all TCP connection slots (default: 4) indefinitely by sending
just 4 zero bytes per probe, blocking legitimate CASE sessions.
Reject zero-length messages and close the connection, since no valid
Matter message has zero payload length.
* Address review: remove redundant CloseConnectionInternal, fix test
- Remove explicit CloseConnectionInternal call since the caller
(OnDataReceived) already handles connection closure on error return
- Update test to expect CHIP_ERROR_INVALID_MESSAGE_LENGTH for
zero-length messages
* Retrigger CI (REPL timeout)
* Retrigger CI
---------
(cherry picked from commit 0e0a4aa)
Co-authored-by: Justin Wood <woody@apple.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-authored-by: Robert Szewczyk <szewczyk@google.com>
1 parent c4fd23c commit 5cc49d5
2 files changed
Lines changed: 6 additions & 4 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
347 | 347 | | |
348 | 348 | | |
349 | 349 | | |
350 | | - | |
351 | | - | |
| 350 | + | |
| 351 | + | |
| 352 | + | |
| 353 | + | |
352 | 354 | | |
353 | 355 | | |
354 | 356 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
696 | 696 | | |
697 | 697 | | |
698 | 698 | | |
699 | | - | |
| 699 | + | |
700 | 700 | | |
701 | 701 | | |
702 | 702 | | |
703 | | - | |
| 703 | + | |
704 | 704 | | |
705 | 705 | | |
706 | 706 | | |
| |||
0 commit comments