YACOVM authored
Currently, the gossip code panics if it's unable to sign a message or to marshal it to bytes, because the assumption was that if the signing failed then something is terribly wrong with the peer and it's not recoverable. If turning a message into bytes fails, it's because of something not recoverable too. However, a user posted a stack trace in which gossip tried constructing a message whose envelope has a payload of 2GB. Now, the cause for a creation of such a message was fixed, but in theory we may somehow have a situation where a large message is constructed. In order to prevent these kinds of problems, and the crash of the peer, we need to make the Signer return an error instead of panicking.

Change-Id: Ife8f4e137c92c167dadc7bbe1bcdf45f93b2b38e
Signed-off-by: Yacov Manevich <yacovm@il.ibm.com>
d7233d59