Skip to content

apollo_http_server: add dynamic config size validation #12438

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
ArniStarkware wants to merge 1 commit into
base: arni/gateway_http_server/max_request_body_size_test
Choose a base branch
from
Open

apollo_http_server: add dynamic config size validation #12438

ArniStarkware wants to merge 1 commit into from
+38 −3

Conversation

@ArniStarkware
Copy link
Contributor

@ArniStarkware ArniStarkware commented Feb 10, 2026
edited by cursor bot
Loading

Note

Low Risk
Small, self-contained config validation and test changes; risk is limited to rejecting previously-accepted invalid configurations at startup/validation time.

Overview
Adds a cross-field config validation on HttpServerConfig to ensure static_config.max_request_body_size is greater than dynamic_config.max_sierra_program_size, returning a ValidationError when violated.

Introduces a focused unit test (config_test.rs) and wires it into the crate’s test module setup to prevent regressions.

Written by Cursor Bugbot for commit 60de1e9. This will update automatically on new commits. Configure here.

This was referenced Feb 10, 2026
Open
Merged
@reviewable-StarkWare
Copy link

reviewable-StarkWare commented Feb 10, 2026

This change is Reviewable

@ArniStarkware Graphite App
Copy link
Contributor Author

ArniStarkware commented Feb 10, 2026

Warning

This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
Learn more

This stack of pull requests is managed by Graphite. Learn more about stacking.

@ArniStarkware ArniStarkware marked this pull request as ready for review February 10, 2026 13:11
cursor[bot]
cursor bot reviewed Feb 10, 2026
View reviewed changes
TzahiTaub
TzahiTaub requested changes Feb 10, 2026
View reviewed changes
Copy link
Contributor

@TzahiTaub TzahiTaub left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@TzahiTaub reviewed 2 files and all commit messages, and made 2 comments.
Reviewable status: all files reviewed, 3 unresolved discussions (waiting on @ArniStarkware).

crates/apollo_http_server_config/src/config.rs line 140 at r1 (raw file):

    }
    Ok(())
}

As discussed, please unify. The validation here is sufficient.

Suggestion:

fn max_size_validations(http_server_config: &HttpServerConfig) -> Result<(), ValidationError> {
    let max_request_body_size = http_server_config.static_config.max_request_body_size;
    validate_dynamic_config_bounds(&http_server_config.dynamic_config, max_request_body_size)
}

pub fn validate_dynamic_config_bounds(
    dynamic_config: &HttpServerDynamicConfig,
    max_request_body_size: usize,
) -> Result<(), ValidationError> {
    if max_request_body_size <= dynamic_config.max_sierra_program_size {
        return Err(ValidationError::new(
            "max_request_body_size must be greater than max_sierra_program_size",
        ));
    }
    Ok(())
}

crates/apollo_http_server/src/http_server.rs line 0 at r1 (raw file):
Revert changes in this file

@ArniStarkware ArniStarkware force-pushed the arni/gateway_http_server/max_request_body_size_test branch from a9eb32e to 108c567 Compare February 10, 2026 14:11
@ArniStarkware ArniStarkware force-pushed the arni/gateway_http_server/validate_dynamic_config branch from 707b7e5 to 04c835d Compare February 10, 2026 14:11
cursor[bot]
cursor bot reviewed Feb 10, 2026
View reviewed changes
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

@ArniStarkware ArniStarkware force-pushed the arni/gateway_http_server/validate_dynamic_config branch 3 times, most recently from a3f16e7 to 4961fee Compare February 10, 2026 14:29
@ArniStarkware ArniStarkware force-pushed the arni/gateway_http_server/max_request_body_size_test branch from 108c567 to f091655 Compare February 10, 2026 15:00
@ArniStarkware ArniStarkware force-pushed the arni/gateway_http_server/validate_dynamic_config branch from 4961fee to e2088c0 Compare February 10, 2026 15:00
@ArniStarkware
Copy link
Contributor Author

ArniStarkware commented Feb 10, 2026

crates/apollo_http_server/src/http_server.rs line at r1 (raw file):

Previously, TzahiTaub (Tzahi) wrote…

Revert changes in this file

Done.

@ArniStarkware ArniStarkware force-pushed the arni/gateway_http_server/validate_dynamic_config branch from e2088c0 to 60de1e9 Compare February 10, 2026 17:54
ArniStarkware
ArniStarkware commented Feb 10, 2026
View reviewed changes
Copy link
Contributor Author

@ArniStarkware ArniStarkware left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ArniStarkware made 1 comment.
Reviewable status: 0 of 4 files reviewed, 2 unresolved discussions (waiting on @TzahiTaub).

crates/apollo_http_server_config/src/config.rs line 140 at r1 (raw file):

Previously, TzahiTaub (Tzahi) wrote…

As discussed, please unify. The validation here is sufficient.

Done.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

@TzahiTaub TzahiTaub Awaiting requested review from TzahiTaub

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ArniStarkware @reviewable-StarkWare @TzahiTaub