From 290f53c38cdacd502eb6dda52f2ad207063e3973 Mon Sep 17 00:00:00 2001
From: murilo ijanc
Date: Wed, 25 Mar 2026 15:41:40 -0300
Subject: Limit stdin read in tp, bound protocol drain, document Arc leak

- tp: limit stdin to 64 KiB + 1 byte to reject oversized pastes
  early without unbounded memory allocation
- daemon: bound the oversized-line drain to MAX_LINE_SIZE so a
  client without newlines cannot block beyond the read timeout
- tpd: document intentional Arc::into_raw leak in signal handler
---
 src/bin/tpd.rs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src/bin/tpd.rs')

diff --git a/src/bin/tpd.rs b/src/bin/tpd.rs
index a1edf79..e1ebc7b 100644
--- a/src/bin/tpd.rs
+++ b/src/bin/tpd.rs
@@ -256,7 +256,9 @@ fn main() {
 
     let shutdown = Arc::new(AtomicBool::new(false));
 
-    // Signal handler
+    // Signal handler — Arc::into_raw intentionally leaks the
+    // refcount so the pointer remains valid for the process
+    // lifetime. No matching Arc::from_raw needed.
     let sig = Arc::clone(&shutdown);
     unsafe {
         SHUTDOWN_PTR.store(
-- 
cgit v1.2.3