hermes-agent/plugins/platforms
Teknium 74541beb9c
fix(security): cap WeCom callback body size before pre-auth XML parse (#54615)
The WeCom callback endpoint (internet-facing, 0.0.0.0) parsed untrusted
request bodies before signature verification. defusedxml already guards
the entity-expansion class on main, but there was no cap on raw body
size, so an unauthenticated POST could still force unbounded read work
pre-auth.

Set client_max_size=64KB on the aiohttp app (413 at the framework layer)
plus an explicit length guard in _handle_callback as defense in depth.
WeCom callbacks are small encrypted XML envelopes — media is delivered
out-of-band via MediaId, never inline — so 64KB is ample for legitimate
traffic. Adds tests for oversized (413) and normal-sized (not 413) bodies.

Salvaged from #10192 by @memosr (body-size limit half; defusedxml half
already superseded on main).
2026-06-28 22:35:43 -07:00
dingtalk fix(telegram): preserve Bot API update queue on watcher reconnect 2026-06-25 21:29:57 -07:00
discord fix(windows): hide remaining backend console-flash legs missed on main 2026-06-28 10:19:21 -05:00
email fix(telegram): preserve Bot API update queue on watcher reconnect 2026-06-25 21:29:57 -07:00
feishu fix(gateway,feishu): refuse executor resurrection during real shutdown 2026-06-27 04:13:09 -07:00
google_chat fix(telegram): preserve Bot API update queue on watcher reconnect 2026-06-25 21:29:57 -07:00
homeassistant fix(telegram): preserve Bot API update queue on watcher reconnect 2026-06-25 21:29:57 -07:00
irc fix(telegram): preserve Bot API update queue on watcher reconnect 2026-06-25 21:29:57 -07:00
line fix(telegram): preserve Bot API update queue on watcher reconnect 2026-06-25 21:29:57 -07:00
matrix fix(matrix,mattermost): invite auth check + API path traversal guard 2026-06-28 20:47:33 -07:00
mattermost fix(matrix,mattermost): invite auth check + API path traversal guard 2026-06-28 20:47:33 -07:00
ntfy fix(telegram): preserve Bot API update queue on watcher reconnect 2026-06-25 21:29:57 -07:00
photon revert(windows): roll back terminal-popup PRs #53791 #53810 #53829 (#53853) 2026-06-27 15:59:00 -07:00
raft revert(windows): roll back terminal-popup PRs #53791 #53810 #53829 (#53853) 2026-06-27 15:59:00 -07:00
simplex fix(telegram): preserve Bot API update queue on watcher reconnect 2026-06-25 21:29:57 -07:00
slack fix(telegram): preserve Bot API update queue on watcher reconnect 2026-06-25 21:29:57 -07:00
sms fix(telegram): preserve Bot API update queue on watcher reconnect 2026-06-25 21:29:57 -07:00
teams fix(telegram): preserve Bot API update queue on watcher reconnect 2026-06-25 21:29:57 -07:00
telegram fix(telegram): reject unauthorized users before event construction (#40863) 2026-06-28 14:25:15 -07:00
wecom fix(security): cap WeCom callback body size before pre-auth XML parse (#54615) 2026-06-28 22:35:43 -07:00
whatsapp fix(windows): hide remaining backend console-flash legs missed on main 2026-06-28 10:19:21 -05:00