diff --git a/esphome/components/api/api_frame_helper.h b/esphome/components/api/api_frame_helper.h index 815064c973..9aaada3cf7 100644 --- a/esphome/components/api/api_frame_helper.h +++ b/esphome/components/api/api_frame_helper.h @@ -19,13 +19,14 @@ namespace esphome::api { //#define HELPER_LOG_PACKETS // Maximum message size limits to prevent OOM on constrained devices -// Voice Assistant is our largest user at 1024 bytes per audio chunk -// Using 2048 + 256 bytes overhead = 2304 bytes total to support voice and future needs -// ESP8266 has very limited RAM and cannot support voice assistant +// Handshake messages are limited to a small size for security +static constexpr uint16_t MAX_HANDSHAKE_SIZE = 128; + +// Data message limits vary by platform based on available memory #ifdef USE_ESP8266 -static constexpr uint16_t MAX_MESSAGE_SIZE = 512; // Keep small for memory constrained ESP8266 +static constexpr uint16_t MAX_MESSAGE_SIZE = 8192; // 8 KiB for ESP8266 #else -static constexpr uint16_t MAX_MESSAGE_SIZE = 2304; // Support voice (1024) + headroom for larger messages +static constexpr uint16_t MAX_MESSAGE_SIZE = 32768; // 32 KiB for ESP32 and other platforms #endif // Forward declaration diff --git a/esphome/components/api/api_frame_helper_noise.cpp b/esphome/components/api/api_frame_helper_noise.cpp index 6bb9b68f89..1213e65948 100644 --- a/esphome/components/api/api_frame_helper_noise.cpp +++ b/esphome/components/api/api_frame_helper_noise.cpp @@ -168,18 +168,12 @@ APIError APINoiseFrameHelper::try_read_frame_() { // read body uint16_t msg_size = (((uint16_t) rx_header_buf_[1]) << 8) | rx_header_buf_[2]; - if (state_ != State::DATA && msg_size > 128) { - // for handshake message only permit up to 128 bytes + // Check against size limits to prevent OOM: MAX_HANDSHAKE_SIZE for handshake, MAX_MESSAGE_SIZE for data + uint16_t limit = (state_ == State::DATA) ? MAX_MESSAGE_SIZE : MAX_HANDSHAKE_SIZE; + if (msg_size > limit) { state_ = State::FAILED; - HELPER_LOG("Bad packet len for handshake: %d", msg_size); - return APIError::BAD_HANDSHAKE_PACKET_LEN; - } - - // Check against maximum message size to prevent OOM - if (msg_size > MAX_MESSAGE_SIZE) { - state_ = State::FAILED; - HELPER_LOG("Bad packet: message size %u exceeds maximum %u", msg_size, MAX_MESSAGE_SIZE); - return APIError::BAD_DATA_PACKET; + HELPER_LOG("Bad packet: message size %u exceeds maximum %u", msg_size, limit); + return (state_ == State::DATA) ? APIError::BAD_DATA_PACKET : APIError::BAD_HANDSHAKE_PACKET_LEN; } // Reserve space for body diff --git a/tests/integration/test_oversized_payloads.py b/tests/integration/test_oversized_payloads.py index 22167118af..3e0a7b655c 100644 --- a/tests/integration/test_oversized_payloads.py +++ b/tests/integration/test_oversized_payloads.py @@ -161,8 +161,8 @@ async def test_oversized_payload_noise( assert device_info is not None assert device_info.name == "oversized-noise" - # Create an oversized payload (>2304 bytes which is our new limit) - oversized_data = b"Y" * 3000 # ~3KiB, exceeds the 2304 byte limit + # Create an oversized payload (>32Kbytes which is our new limit) + oversized_data = b"Y" * 32769 # ~32KiB, exceeds the 32 Kbyte limit # Access the internal connection to send raw data frame_helper = client._connection._frame_helper