apollo_http_server: add dynamic config size validation

Author: ArniStarkware

crates/apollo_http_server/src/http_server.rs

@@ -16,7 +16,11 @@ use apollo_gateway_types::gateway_types::{
     GatewayOutput,
     SUPPORTED_TRANSACTION_VERSIONS,
 };
-use apollo_http_server_config::config::{HttpServerConfig, HttpServerDynamicConfig};
+use apollo_http_server_config::config::{
+    validate_dynamic_config_bounds,
+    HttpServerConfig,
+    HttpServerDynamicConfig,
+};
 use apollo_infra::component_definitions::ComponentStarter;
 use apollo_infra_utils::type_name::short_type_name;
 use apollo_proc_macros::sequencer_latency_histogram;
@@ -105,6 +109,7 @@ impl HttpServer {
             self.dynamic_config_tx.clone(),
             self.config_manager_client.clone(),
             self.config.static_config.dynamic_config_poll_interval,
+            self.config.static_config.max_request_body_size,
         ));
 
         // TODO(Tsabary): update the http server struct to hold optional fields of the
@@ -354,13 +359,18 @@ async fn dynamic_config_poll(
     tx: Sender<HttpServerDynamicConfig>,
     config_manager_client: SharedConfigManagerClient,
     poll_interval: Duration,
+    max_request_body_size: usize,
 ) {
     let mut interval = time::interval(poll_interval);
     loop {
         interval.tick().await;
         let dynamic_config_result = config_manager_client.get_http_server_dynamic_config().await;
         // Make the config available if it was successfully updated.
         if let Ok(dynamic_config) = dynamic_config_result {
+            let _ = validate_dynamic_config_bounds(&dynamic_config, max_request_body_size)
+                .inspect_err(|err| {
+                    warn!("Found invalid config when updating the dynamic config: {err}")
+                });
             let _ = tx.send(dynamic_config);
         }
     }

crates/apollo_http_server_config/src/config.rs

@@ -6,7 +6,7 @@ use apollo_config::converters::deserialize_milliseconds_to_duration;
 use apollo_config::dumping::{prepend_sub_config_name, ser_param, SerializeConfig};
 use apollo_config::{ParamPath, ParamPrivacyInput, SerializedParam};
 use serde::{Deserialize, Serialize};
-use validator::Validate;
+use validator::{Validate, ValidationError};
 
 const HTTP_SERVER_PORT: u16 = 8080;
 pub const DEFAULT_MAX_SIERRA_PROGRAM_SIZE: usize = 4 * 1024 * 1024; // 4MB
@@ -17,6 +17,7 @@ const DEFAULT_DYNAMIC_CONFIG_POLL_INTERVAL_MS: u64 = 1_000; // 1 second.
 
 /// The http server connection related configuration.
 #[derive(Clone, Debug, Default, Serialize, Deserialize, Validate, PartialEq)]
+#[validate(schema(function = "max_size_validations"))]
 pub struct HttpServerConfig {
     pub dynamic_config: HttpServerDynamicConfig,
     pub static_config: HttpServerStaticConfig,
@@ -51,8 +52,6 @@ impl HttpServerConfig {
 pub struct HttpServerStaticConfig {
     pub ip: IpAddr,
     pub port: u16,
-    // TODO(Arni): add a validation that this size is bigger than
-    // http_server_config.dynamic_config.max_sierra_program_size.
     pub max_request_body_size: usize,
     #[serde(deserialize_with = "deserialize_milliseconds_to_duration")]
     pub dynamic_config_poll_interval: Duration,
@@ -122,3 +121,20 @@ impl Default for HttpServerDynamicConfig {
         Self { accept_new_txs: true, max_sierra_program_size: DEFAULT_MAX_SIERRA_PROGRAM_SIZE }
     }
 }
+
+fn max_size_validations(http_server_config: &HttpServerConfig) -> Result<(), ValidationError> {
+    let max_request_body_size = http_server_config.static_config.max_request_body_size;
+    validate_dynamic_config_bounds(&http_server_config.dynamic_config, max_request_body_size)
+}
+
+pub fn validate_dynamic_config_bounds(
+    dynamic_config: &HttpServerDynamicConfig,
+    max_request_body_size: usize,
+) -> Result<(), ValidationError> {
+    if max_request_body_size < dynamic_config.max_sierra_program_size {
+        return Err(ValidationError::new(
+            "max_request_body_size must be greater than max_sierra_program_size",
+        ));
+    }
+    Ok(())
+}