Skip to content

fix(mcp): unbounded elicitation mpsc channel allows memory exhaustion #2524

Closed
#2530
Closed
fix(mcp): unbounded elicitation mpsc channel allows memory exhaustion#2524
#2530
Assignees
bug-ops
Labels
P3Research — medium-high complexitybugSomething isn't workingmemoryzeph-memory crate (SQLite)securitySecurity-related issue
@bug-ops

Description

@bug-ops
bug-ops
opened on Mar 31, 2026

Context

Added in #2521. The elicitation_tx channel in McpClient is unbounded (tokio::sync::mpsc::unbounded_channel). A malicious or misbehaving MCP server can flood elicitation requests, exhausting memory.

Required work

  • Replace with a bounded channel (e.g., capacity 16)
  • On send failure (channel full): log a warning and auto-decline the request server-side
  • Config: [mcp] elicitation_queue_capacity = 16 (optional)

Related: #2486, PR #2521

Metadata

Metadata

Assignees

Labels

P3Research — medium-high complexitybugSomething isn't workingmemoryzeph-memory crate (SQLite)securitySecurity-related issue

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions