Skip to content

ws client: cap close-reason transcode buffer at 125 to remove unsafe cast #30778

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
robobun wants to merge 9 commits into
base: main
Choose a base branch
from

ci: retrigger

bbf49b2
Select commit
Loading
Failed to load commit list.
Open

ws client: cap close-reason transcode buffer at 125 to remove unsafe cast #30778

ci: retrigger
bbf49b2
Select commit
Loading
Failed to load commit list.
Claude / Claude Code Review completed May 21, 2026 in 17m 37s

Code review found 1 potential issue

Found 1 candidates, confirmed 1. See review comments for details.

Details

Severity Count
🔴 Important 0
🟡 Nit 1
🟣 Pre-existing 0
Severity File:Line Issue
🟡 Nit src/http_jsc/websocket_client.rs:1665-1675 Stale comment: malformed-frame rationale no longer reflects send_close_with_body's .min(123) clamp

Annotations

Check warning on line 1675 in src/http_jsc/websocket_client.rs

See this annotation in the file changed.

@claude claude / Claude Code Review

Stale comment: malformed-frame rationale no longer reflects send_close_with_body's .min(123) clamp 

The new comment justifying `MAX_REASON_BYTES = 123` says `send_close_with_body` "computes the header length as `(body_len + 2) & 0x7F`" and that a 124/125-byte reason "writes a header length of 126 or 127 … and malform[s] the frame" — but after the 2026-05-21 rebase, `send_close_with_body` does `let body_len = body_len.min(123);` (line 1346) *before* computing the header length, so that scenario can no longer occur. The 123-byte cursor cap is still worthwhile — it routes overflow to a clean no-r
View more details on Claude