Enforce Chunk Size on Incoming Data Stream (dotnet#35110)

* Enforce Chunk Size on Incoming Data Stream

Realized we were missing this explicit check for the JS->.NET Streaming. Regardless, the SignalR message size limit should serve as a good failsafe in this case.

* Fix typo

Author: TanayParikh

src/Components/Server/src/Circuits/RemoteJSDataStream.cs

@@ -15,6 +15,7 @@ internal sealed class RemoteJSDataStream : Stream
         private readonly RemoteJSRuntime _runtime;
         private readonly long _streamId;
         private readonly long _totalLength;
+        private readonly int _chunkSize;
         private readonly TimeSpan _jsInteropDefaultCallTimeout;
         private readonly CancellationToken _streamCancellationToken;
         private readonly Stream _pipeReaderStream;
@@ -49,11 +50,11 @@ public static async ValueTask<RemoteJSDataStream> CreateRemoteJSDataStreamAsync(
             // transfer per chunk with a 1 kb message size.
             // Additionally, to maintain interactivity, we put an upper limit of 50 kb on the message size.
             var chunkSize = signalRMaximumIncomingBytes > 1024 ?
-                Math.Min(signalRMaximumIncomingBytes, 50*1024) - 512 :
+                (int)Math.Min(signalRMaximumIncomingBytes, 50*1024) - 512 :
                 throw new ArgumentException($"SignalR MaximumIncomingBytes must be at least 1 kb.");
 
             var streamId = runtime.RemoteJSDataStreamNextInstanceId++;
-            var remoteJSDataStream = new RemoteJSDataStream(runtime, streamId, totalLength, jsInteropDefaultCallTimeout, cancellationToken);
+            var remoteJSDataStream = new RemoteJSDataStream(runtime, streamId, totalLength, chunkSize, jsInteropDefaultCallTimeout, cancellationToken);
             await runtime.InvokeVoidAsync("Blazor._internal.sendJSDataStream", jsStreamReference, streamId, chunkSize);
             return remoteJSDataStream;
         }
@@ -62,12 +63,14 @@ private RemoteJSDataStream(
             RemoteJSRuntime runtime,
             long streamId,
             long totalLength,
+            int chunkSize,
             TimeSpan jsInteropDefaultCallTimeout,
             CancellationToken cancellationToken)
         {
             _runtime = runtime;
             _streamId = streamId;
             _totalLength = totalLength;
+            _chunkSize = chunkSize;
             _jsInteropDefaultCallTimeout = jsInteropDefaultCallTimeout;
             _streamCancellationToken = cancellationToken;
 
@@ -107,6 +110,11 @@ private async Task<bool> ReceiveData(long chunkId, byte[] chunk, string error)
                     throw new EndOfStreamException("The incoming data chunk cannot be empty.");
                 }
 
+                if (chunk.Length > _chunkSize)
+                {
+                    throw new EndOfStreamException("The incoming data chunk exceeded the permitted length.");
+                }
+
                 _bytesRead += chunk.Length;
 
                 if (_bytesRead > _totalLength)

src/Components/Server/src/ComponentHub.cs

@@ -361,9 +361,6 @@ private static class Log
             private static readonly Action<ILogger, string, Exception> _invalidCircuitId =
                 LoggerMessage.Define<string>(LogLevel.Debug, new EventId(8, "InvalidCircuitId"), "ConnectAsync received an invalid circuit id '{CircuitIdSecret}'");
 
-            private static readonly Action<ILogger, Exception> _sendingDotNetStreamFailed =
-                LoggerMessage.Define(LogLevel.Debug, new EventId(9, "SendingDotNetStreamFailed"), "Sending the .NET stream data to JS failed");
-
             public static void ReceivedConfirmationForBatch(ILogger logger, long batchId) => _receivedConfirmationForBatch(logger, batchId, null);
 
             public static void CircuitAlreadyInitialized(ILogger logger, CircuitId circuitId) => _circuitAlreadyInitialized(logger, circuitId, null);
@@ -376,8 +373,6 @@ private static class Log
 
             public static void CircuitInitializationFailed(ILogger logger, Exception exception) => _circuitInitializationFailed(logger, exception);
 
-            public static void SendingDotNetStreamFailed(ILogger logger, Exception exception) => _sendingDotNetStreamFailed(logger, exception);
-
             public static void CreatedCircuit(ILogger logger, CircuitId circuitId, string circuitSecret, string connectionId)
             {
                 // Redact the secret unless tracing is on.

src/Components/Server/test/Circuits/RemoteJSDataStreamTest.cs

@@ -140,6 +140,25 @@ public async Task ReceiveData_WithZeroLengthChunk()
             Assert.Equal("The incoming data chunk cannot be empty.", ex.Message);
         }
 
+        [Fact]
+        public async Task ReceiveData_WithLargerChunksThanPermitted()
+        {
+            // Arrange
+            var jsRuntime = new TestRemoteJSRuntime(Options.Create(new CircuitOptions()), Options.Create(new HubOptions()), Mock.Of<ILogger<RemoteJSRuntime>>());
+            var remoteJSDataStream = await CreateRemoteJSDataStreamAsync(jsRuntime);
+            var streamId = GetStreamId(remoteJSDataStream, jsRuntime);
+            var chunk = new byte[50_000]; // more than the 32k maximum chunk size
+
+            // Act & Assert 1
+            var ex = await Assert.ThrowsAsync<EndOfStreamException>(async () => await RemoteJSDataStream.ReceiveData(jsRuntime, streamId, chunkId: 0, chunk, error: null).DefaultTimeout());
+            Assert.Equal("The incoming data chunk exceeded the permitted length.", ex.Message);
+
+            // Act & Assert 2
+            using var mem = new MemoryStream();
+            ex = await Assert.ThrowsAsync<EndOfStreamException>(async () => await remoteJSDataStream.CopyToAsync(mem).DefaultTimeout());
+            Assert.Equal("The incoming data chunk exceeded the permitted length.", ex.Message);
+        }
+
         [Fact]
         public async Task ReceiveData_ProvidedWithMoreBytesThanRemaining()
         {