[gamelift realtime server] - RangeError: Max payload size exceeded

Hi,

I am using AWS gamelift realtime server (NodeJS) for my server backend.
I recently noticed a limitation of the size of the WebSocket packet of around 4KB.

When a client do send a packet reaching that limit, the WS library sends a RangeError, Max payload size exceeded. This error bubbles until it becomes a Process uncaught Exception
This error is then caught by gamelift.js to log the error Realtime server crashed due to: process.uncaughtException, but then exits.

Is there any way I can recover from the error and not exits my server ? I tried to adds another process.on('uncaughtException but it does not seems to be called.

I wish I was able to discard the message.
Also, I am not a security expert, but it seems to me to be a vector of DOS attack.

For the record, I have been able to catch the error using process.setUncaughtExceptionCaptureCallback.

Still the socket becomes unusable without the client to be noticed, but at least other clients are not affected.

Hi @maxired ,

Thanks for bringing this up to us, I will cut a ticket to investigate this issue. It’ll be great if you can provide a datapoint on what’s your preferred way of solving this issue, e.g. log then ignore the error? invoke a callback to the server process?

For now, to unblock yourself, could you potentially limit the size of the payload on the client-side?

P50353516

EDIT:

Are you by any chance testing websocket connection without using the realtime client sdk? Asking because the client SDK should have rejected payload with size greater than 4KB. (See maxReliableMessageBytes in Client.cs)

Hi @JamesM_Aws, thanks for your answer.

yes I will try to split my message so it does not reach this size.
I am indeed not using the realtime client SDK, as I am working on a web application.

I understand why we might want such a limit. I guess ideally the server should be able to inform the client that the payload is not acceptable. If this is not possible, because the Websocket is in a stale state, then a callback on the server would be great, to be sure I got the opportunity to clean the data from that connection. (I did not check if the onPlayerDisconnect was already called in that case)

Note that you can override the default max message size. The recommendation is to keep this as small as possible since larger messages can’t be sent over UDP and are more likely to get fragmented, affected by network congestion, etc. The setting name is “maxMessageSize” and can be adjusted in the configuration setting similar to this example:

https://docs.aws.amazon.com/gamelift/latest/developerguide/realtime-script.html

Thanks for pointing this out, we have deployed a fix for this issue.

Thanks Luming!

Hi @maxired,

Now, when receiving a large message (exceeding 4KB + 1KB buffer), the game server will log a message and terminate the websocket connection with the client. The reason for this is because we don’t want to let the player to continuously saturate the buffer with large messages.

It’s still prudent to add a limitation in your custom client to ensure the message size is smaller than 4KB, otherwise the gameplay will be interrupted. For others using the officially supported C# realtime server client SDK, this client-side validation is already implemented.

Please recreate a new fleet to adopt this change and let us know if it helped your use case!