Merge branch 'api_size_limits' into integration

2025-10-12 14:53:49 +01:00 · 2025-10-07 14:10:14 -10:00
parent 7f13080478 b9e2a30a38
commit b5ef87a1b8
3 changed files with 13 additions and 18 deletions
--- a/esphome/components/api/api_frame_helper.h
+++ b/esphome/components/api/api_frame_helper.h
@@ -19,13 +19,14 @@ namespace esphome::api {
 //#define HELPER_LOG_PACKETS

 // Maximum message size limits to prevent OOM on constrained devices
-// Voice Assistant is our largest user at 1024 bytes per audio chunk
-// Using 2048 + 256 bytes overhead = 2304 bytes total to support voice and future needs
-// ESP8266 has very limited RAM and cannot support voice assistant
+// Handshake messages are limited to a small size for security
+static constexpr uint16_t MAX_HANDSHAKE_SIZE = 128;
+
+// Data message limits vary by platform based on available memory
 #ifdef USE_ESP8266
-static constexpr uint16_t MAX_MESSAGE_SIZE = 512;  // Keep small for memory constrained ESP8266
+static constexpr uint16_t MAX_MESSAGE_SIZE = 8192;  // 8 KiB for ESP8266
 #else
-static constexpr uint16_t MAX_MESSAGE_SIZE = 2304;  // Support voice (1024) + headroom for larger messages
+static constexpr uint16_t MAX_MESSAGE_SIZE = 32768;  // 32 KiB for ESP32 and other platforms
 #endif

 // Forward declaration
--- a/esphome/components/api/api_frame_helper_noise.cpp
+++ b/esphome/components/api/api_frame_helper_noise.cpp
@@ -168,18 +168,12 @@ APIError APINoiseFrameHelper::try_read_frame_() {
  // read body
  uint16_t msg_size = (((uint16_t) rx_header_buf_[1]) << 8) | rx_header_buf_[2];

-  if (state_ != State::DATA && msg_size > 128) {
-    // for handshake message only permit up to 128 bytes
+  // Check against size limits to prevent OOM: MAX_HANDSHAKE_SIZE for handshake, MAX_MESSAGE_SIZE for data
+  uint16_t limit = (state_ == State::DATA) ? MAX_MESSAGE_SIZE : MAX_HANDSHAKE_SIZE;
+  if (msg_size > limit) {
    state_ = State::FAILED;
-    HELPER_LOG("Bad packet len for handshake: %d", msg_size);
-    return APIError::BAD_HANDSHAKE_PACKET_LEN;
-  }
-
-  // Check against maximum message size to prevent OOM
-  if (msg_size > MAX_MESSAGE_SIZE) {
-    state_ = State::FAILED;
-    HELPER_LOG("Bad packet: message size %u exceeds maximum %u", msg_size, MAX_MESSAGE_SIZE);
-    return APIError::BAD_DATA_PACKET;
+    HELPER_LOG("Bad packet: message size %u exceeds maximum %u", msg_size, limit);
+    return (state_ == State::DATA) ? APIError::BAD_DATA_PACKET : APIError::BAD_HANDSHAKE_PACKET_LEN;
  }

  // Reserve space for body
--- a/tests/integration/test_oversized_payloads.py
+++ b/tests/integration/test_oversized_payloads.py
@@ -161,8 +161,8 @@ async def test_oversized_payload_noise(
            assert device_info is not None
            assert device_info.name == "oversized-noise"

-            # Create an oversized payload (>2304 bytes which is our new limit)
-            oversized_data = b"Y" * 3000  # ~3KiB, exceeds the 2304 byte limit
+            # Create an oversized payload (>32Kbytes which is our new limit)
+            oversized_data = b"Y" * 32769  # ~32KiB, exceeds the 32 Kbyte limit

            # Access the internal connection to send raw data
            frame_helper = client._connection._frame_helper