Enforce size limit in payjoin-cli

Because these are unbounded allocations a malicious receiver can cause
memory exhaustion for the sender.

Co-authored-by: Shing Him Ng <shinghim@protonmail.com>

Author: spacebear21

payjoin-cli/src/app/v1.rs

@@ -17,7 +17,7 @@ use payjoin::bitcoin::FeeRate;
 use payjoin::receive::v1::{PayjoinProposal, UncheckedProposal};
 use payjoin::receive::ReplyableError::{self, Implementation, V1};
 use payjoin::send::v1::SenderBuilder;
-use payjoin::{ImplementationError, Uri, UriExt};
+use payjoin::{ImplementationError, Uri, UriExt, MAX_CONTENT_LENGTH};
 use tokio::net::TcpListener;
 use tokio::sync::watch;
 
@@ -88,12 +88,15 @@ impl AppTrait for App {
             "Sent fallback transaction hex: {:#}",
             payjoin::bitcoin::consensus::encode::serialize_hex(&fallback_tx)
         );
-        let psbt = ctx.process_response(&mut response.bytes().await?.to_vec().as_slice()).map_err(
-            |e| {
-                log::debug!("Error processing response: {e:?}");
-                anyhow!("Failed to process response {e}")
-            },
-        )?;
+        let response_bytes = response.bytes().await?;
+        if response_bytes.len() > MAX_CONTENT_LENGTH {
+            return Err(anyhow!("Response bytes exceeded the limit of {MAX_CONTENT_LENGTH} bytes"));
+        }
+
+        let psbt = ctx.process_response(&mut response_bytes.to_vec().as_slice()).map_err(|e| {
+            log::debug!("Error processing response: {:?}", e);
+            anyhow!("Failed to process response {}", e)
+        })?;
 
         self.process_pj_response(psbt)?;
         Ok(())