Limit cron job args to 1MiB (#42387)

goffrie · Convex, Inc. · commit 73d8f060d1d1 · 2025-10-24T01:05:18.000Z
This seems very unlikely to happen because cron jobs have constant args that are hardcoded in the push bundle,
but we want a limit to protect the database.

GitOrigin-RevId: 2d7e796d3cd1444d00952dd600702a2a616a3183
diff --git a/crates/model/src/cron_jobs/types.rs b/crates/model/src/cron_jobs/types.rs
@@ -38,6 +38,8 @@ use value::{
     ConvexObject,
     ConvexValue,
     ResolvedDocumentId,
+    Size,
+    MAX_USER_SIZE,
 };
 
 #[derive(thiserror::Error, Debug, Clone)]
@@ -484,9 +486,17 @@ impl TryFrom<JsonValue> for CronSpec {
 
         let udf_path: UdfPath = j.name.parse()?;
         let udf_path_canonicalized = udf_path.canonicalize();
+        let udf_args = ConvexArray::try_from(j.args)?;
+        // CronSpec is stored in the database, so enforce document size limits
+        anyhow::ensure!(
+            udf_args.size() < MAX_USER_SIZE,
+            "Cron job args too large ({} > maximum size {})",
+            udf_args.size(),
+            MAX_USER_SIZE
+        );
         Ok(Self {
             udf_path: udf_path_canonicalized,
-            udf_args: ConvexArray::try_from(j.args)?,
+            udf_args,
             cron_schedule: schedule,
         })
     }
