@ai-sdk/provider-utils 4.0.29 → 4.0.30

package/CHANGELOG.md

@@ -1,5 +1,13 @@
 # @ai-sdk/provider-utils
 
+## 4.0.30
+
+### Patch Changes
+
+- 779f5cd: fix(provider-utils): cancel response body on download rejection to prevent socket leak
+
+  When a download was rejected early — because the `Content-Length` header exceeded the size limit, the response status was not ok, or a redirect resolved to a blocked URL — the fetch response body was left unconsumed and uncancelled. With WHATWG Fetch/undici this leaves the underlying TCP socket open instead of returning it to the connection pool, allowing an attacker-controlled origin to exhaust file descriptors and cause a denial of service. The body is now cancelled on all early-rejection paths in `readResponseWithSizeLimit`, `download`, and `downloadBlob`, and `fetchWithValidatedRedirects` cancels each redirect hop's body before following or rejecting the next hop.
+
 ## 4.0.29
 
 ### Patch Changes

package/dist/index.d.mts

@@ -1332,6 +1332,20 @@ declare function createProviderToolFactoryWithOutputSchema<INPUT, OUTPUT, ARGS e
     supportsDeferredResults?: boolean;
 }): ProviderToolFactoryWithOutputSchema<INPUT, OUTPUT, ARGS>;
 
+/**
+ * Cancels a response body to release the underlying connection.
+ *
+ * When a fetch Response is rejected without consuming its body (e.g. a failed
+ * status code, an open-redirect rejection, or a Content-Length that exceeds the
+ * size limit), the underlying TCP socket is not returned to the connection pool
+ * and may stay open until the process runs out of file descriptors. Cancelling
+ * the body avoids this leak.
+ *
+ * Errors thrown while cancelling are ignored: the body may already be locked,
+ * disturbed, or absent, none of which should mask the original rejection.
+ */
+declare function cancelResponseBody(response: Response): Promise<void>;
+
 /**
  * Removes entries from a record where the value is null or undefined.
  * @param record - The input object whose entries may be null or undefined.
@@ -1504,4 +1518,4 @@ interface ToolResult<NAME extends string, INPUT, OUTPUT> {
  */
 type ToolCallOptions = ToolExecutionOptions;
 
-export { type AssistantContent, type AssistantModelMessage, DEFAULT_MAX_DOWNLOAD_SIZE, type DataContent, DelayedPromise, DownloadError, type FetchFunction, type FilePart, type FlexibleSchema, type IdGenerator, type ImagePart, type InferSchema, type InferToolInput, type InferToolOutput, type LazySchema, type MaybePromiseLike, type ModelMessage, type ParseResult, type ProviderOptions, type ProviderToolFactory, type ProviderToolFactoryWithOutputSchema, type ReasoningPart, type Resolvable, type ResponseHandler, type Schema, type SystemModelMessage, type TextPart, type Tool, type ToolApprovalRequest, type ToolApprovalResponse, type ToolCall, type ToolCallOptions, type ToolCallPart, type ToolContent, type ToolExecuteFunction, type ToolExecutionOptions, type ToolModelMessage, type ToolNameMapping, type ToolNeedsApprovalFunction, type ToolResult, type ToolResultOutput, type ToolResultPart, type UserContent, type UserModelMessage, VERSION, type ValidationResult, asSchema, combineHeaders, convertAsyncIteratorToReadableStream, convertBase64ToUint8Array, convertImageModelFileToDataUri, convertToBase64, convertToFormData, convertUint8ArrayToBase64, createBinaryResponseHandler, createEventSourceResponseHandler, createIdGenerator, createJsonErrorResponseHandler, createJsonResponseHandler, createProviderToolFactory, createProviderToolFactoryWithOutputSchema, createStatusCodeErrorResponseHandler, createToolNameMapping, delay, downloadBlob, dynamicTool, executeTool, extractResponseHeaders, fetchWithValidatedRedirects, generateId, getErrorMessage, getFromApi, getRuntimeEnvironmentUserAgent, injectJsonInstructionIntoMessages, isAbortError, isBrowserRuntime, isNonNullable, isParsableJson, isSameOrigin, isUrlSupported, jsonSchema, lazySchema, loadApiKey, loadOptionalSetting, loadSetting, mediaTypeToExtension, normalizeHeaders, parseJSON, parseJsonEventStream, parseProviderOptions, postFormDataToApi, postJsonToApi, postToApi, readResponseWithSizeLimit, removeUndefinedEntries, resolve, safeParseJSON, safeValidateTypes, stripFileExtension, tool, validateDownloadUrl, validateTypes, withUserAgentSuffix, withoutTrailingSlash, zodSchema };
+export { type AssistantContent, type AssistantModelMessage, DEFAULT_MAX_DOWNLOAD_SIZE, type DataContent, DelayedPromise, DownloadError, type FetchFunction, type FilePart, type FlexibleSchema, type IdGenerator, type ImagePart, type InferSchema, type InferToolInput, type InferToolOutput, type LazySchema, type MaybePromiseLike, type ModelMessage, type ParseResult, type ProviderOptions, type ProviderToolFactory, type ProviderToolFactoryWithOutputSchema, type ReasoningPart, type Resolvable, type ResponseHandler, type Schema, type SystemModelMessage, type TextPart, type Tool, type ToolApprovalRequest, type ToolApprovalResponse, type ToolCall, type ToolCallOptions, type ToolCallPart, type ToolContent, type ToolExecuteFunction, type ToolExecutionOptions, type ToolModelMessage, type ToolNameMapping, type ToolNeedsApprovalFunction, type ToolResult, type ToolResultOutput, type ToolResultPart, type UserContent, type UserModelMessage, VERSION, type ValidationResult, asSchema, cancelResponseBody, combineHeaders, convertAsyncIteratorToReadableStream, convertBase64ToUint8Array, convertImageModelFileToDataUri, convertToBase64, convertToFormData, convertUint8ArrayToBase64, createBinaryResponseHandler, createEventSourceResponseHandler, createIdGenerator, createJsonErrorResponseHandler, createJsonResponseHandler, createProviderToolFactory, createProviderToolFactoryWithOutputSchema, createStatusCodeErrorResponseHandler, createToolNameMapping, delay, downloadBlob, dynamicTool, executeTool, extractResponseHeaders, fetchWithValidatedRedirects, generateId, getErrorMessage, getFromApi, getRuntimeEnvironmentUserAgent, injectJsonInstructionIntoMessages, isAbortError, isBrowserRuntime, isNonNullable, isParsableJson, isSameOrigin, isUrlSupported, jsonSchema, lazySchema, loadApiKey, loadOptionalSetting, loadSetting, mediaTypeToExtension, normalizeHeaders, parseJSON, parseJsonEventStream, parseProviderOptions, postFormDataToApi, postJsonToApi, postToApi, readResponseWithSizeLimit, removeUndefinedEntries, resolve, safeParseJSON, safeValidateTypes, stripFileExtension, tool, validateDownloadUrl, validateTypes, withUserAgentSuffix, withoutTrailingSlash, zodSchema };

package/dist/index.d.ts

@@ -1332,6 +1332,20 @@ declare function createProviderToolFactoryWithOutputSchema<INPUT, OUTPUT, ARGS e
     supportsDeferredResults?: boolean;
 }): ProviderToolFactoryWithOutputSchema<INPUT, OUTPUT, ARGS>;
 
+/**
+ * Cancels a response body to release the underlying connection.
+ *
+ * When a fetch Response is rejected without consuming its body (e.g. a failed
+ * status code, an open-redirect rejection, or a Content-Length that exceeds the
+ * size limit), the underlying TCP socket is not returned to the connection pool
+ * and may stay open until the process runs out of file descriptors. Cancelling
+ * the body avoids this leak.
+ *
+ * Errors thrown while cancelling are ignored: the body may already be locked,
+ * disturbed, or absent, none of which should mask the original rejection.
+ */
+declare function cancelResponseBody(response: Response): Promise<void>;
+
 /**
  * Removes entries from a record where the value is null or undefined.
  * @param record - The input object whose entries may be null or undefined.
@@ -1504,4 +1518,4 @@ interface ToolResult<NAME extends string, INPUT, OUTPUT> {
  */
 type ToolCallOptions = ToolExecutionOptions;
 
-export { type AssistantContent, type AssistantModelMessage, DEFAULT_MAX_DOWNLOAD_SIZE, type DataContent, DelayedPromise, DownloadError, type FetchFunction, type FilePart, type FlexibleSchema, type IdGenerator, type ImagePart, type InferSchema, type InferToolInput, type InferToolOutput, type LazySchema, type MaybePromiseLike, type ModelMessage, type ParseResult, type ProviderOptions, type ProviderToolFactory, type ProviderToolFactoryWithOutputSchema, type ReasoningPart, type Resolvable, type ResponseHandler, type Schema, type SystemModelMessage, type TextPart, type Tool, type ToolApprovalRequest, type ToolApprovalResponse, type ToolCall, type ToolCallOptions, type ToolCallPart, type ToolContent, type ToolExecuteFunction, type ToolExecutionOptions, type ToolModelMessage, type ToolNameMapping, type ToolNeedsApprovalFunction, type ToolResult, type ToolResultOutput, type ToolResultPart, type UserContent, type UserModelMessage, VERSION, type ValidationResult, asSchema, combineHeaders, convertAsyncIteratorToReadableStream, convertBase64ToUint8Array, convertImageModelFileToDataUri, convertToBase64, convertToFormData, convertUint8ArrayToBase64, createBinaryResponseHandler, createEventSourceResponseHandler, createIdGenerator, createJsonErrorResponseHandler, createJsonResponseHandler, createProviderToolFactory, createProviderToolFactoryWithOutputSchema, createStatusCodeErrorResponseHandler, createToolNameMapping, delay, downloadBlob, dynamicTool, executeTool, extractResponseHeaders, fetchWithValidatedRedirects, generateId, getErrorMessage, getFromApi, getRuntimeEnvironmentUserAgent, injectJsonInstructionIntoMessages, isAbortError, isBrowserRuntime, isNonNullable, isParsableJson, isSameOrigin, isUrlSupported, jsonSchema, lazySchema, loadApiKey, loadOptionalSetting, loadSetting, mediaTypeToExtension, normalizeHeaders, parseJSON, parseJsonEventStream, parseProviderOptions, postFormDataToApi, postJsonToApi, postToApi, readResponseWithSizeLimit, removeUndefinedEntries, resolve, safeParseJSON, safeValidateTypes, stripFileExtension, tool, validateDownloadUrl, validateTypes, withUserAgentSuffix, withoutTrailingSlash, zodSchema };
+export { type AssistantContent, type AssistantModelMessage, DEFAULT_MAX_DOWNLOAD_SIZE, type DataContent, DelayedPromise, DownloadError, type FetchFunction, type FilePart, type FlexibleSchema, type IdGenerator, type ImagePart, type InferSchema, type InferToolInput, type InferToolOutput, type LazySchema, type MaybePromiseLike, type ModelMessage, type ParseResult, type ProviderOptions, type ProviderToolFactory, type ProviderToolFactoryWithOutputSchema, type ReasoningPart, type Resolvable, type ResponseHandler, type Schema, type SystemModelMessage, type TextPart, type Tool, type ToolApprovalRequest, type ToolApprovalResponse, type ToolCall, type ToolCallOptions, type ToolCallPart, type ToolContent, type ToolExecuteFunction, type ToolExecutionOptions, type ToolModelMessage, type ToolNameMapping, type ToolNeedsApprovalFunction, type ToolResult, type ToolResultOutput, type ToolResultPart, type UserContent, type UserModelMessage, VERSION, type ValidationResult, asSchema, cancelResponseBody, combineHeaders, convertAsyncIteratorToReadableStream, convertBase64ToUint8Array, convertImageModelFileToDataUri, convertToBase64, convertToFormData, convertUint8ArrayToBase64, createBinaryResponseHandler, createEventSourceResponseHandler, createIdGenerator, createJsonErrorResponseHandler, createJsonResponseHandler, createProviderToolFactory, createProviderToolFactoryWithOutputSchema, createStatusCodeErrorResponseHandler, createToolNameMapping, delay, downloadBlob, dynamicTool, executeTool, extractResponseHeaders, fetchWithValidatedRedirects, generateId, getErrorMessage, getFromApi, getRuntimeEnvironmentUserAgent, injectJsonInstructionIntoMessages, isAbortError, isBrowserRuntime, isNonNullable, isParsableJson, isSameOrigin, isUrlSupported, jsonSchema, lazySchema, loadApiKey, loadOptionalSetting, loadSetting, mediaTypeToExtension, normalizeHeaders, parseJSON, parseJsonEventStream, parseProviderOptions, postFormDataToApi, postJsonToApi, postToApi, readResponseWithSizeLimit, removeUndefinedEntries, resolve, safeParseJSON, safeValidateTypes, stripFileExtension, tool, validateDownloadUrl, validateTypes, withUserAgentSuffix, withoutTrailingSlash, zodSchema };

package/dist/index.js

@@ -36,6 +36,7 @@ __export(index_exports, {
   EventSourceParserStream: () => import_stream2.EventSourceParserStream,
   VERSION: () => VERSION,
   asSchema: () => asSchema,
+  cancelResponseBody: () => cancelResponseBody,
   combineHeaders: () => combineHeaders,
   convertAsyncIteratorToReadableStream: () => convertAsyncIteratorToReadableStream,
   convertBase64ToUint8Array: () => convertBase64ToUint8Array,
@@ -307,6 +308,15 @@ function convertToFormData(input, options = {}) {
   return formData;
 }
 
+// src/cancel-response-body.ts
+async function cancelResponseBody(response) {
+  var _a2;
+  try {
+    await ((_a2 = response.body) == null ? void 0 : _a2.cancel());
+  } catch (e) {
+  }
+}
+
 // src/download-error.ts
 var import_provider = require("@ai-sdk/provider");
 var name = "AI_DownloadError";
@@ -506,6 +516,7 @@ async function fetchWithValidatedRedirects({
     }
     const location = response.headers.get("location");
     if (response.status >= 300 && response.status < 400 && location) {
+      await cancelResponseBody(response);
       currentUrl = new URL(location, currentUrl).toString();
       continue;
     }
@@ -528,6 +539,7 @@ async function readResponseWithSizeLimit({
   if (contentLength != null) {
     const length = parseInt(contentLength, 10);
     if (!isNaN(length) && length > maxBytes) {
+      await cancelResponseBody(response);
       throw new DownloadError({
         url,
         message: `Download of ${url} exceeded maximum size of ${maxBytes} bytes (Content-Length: ${length}).`
@@ -581,6 +593,7 @@ async function downloadBlob(url, options) {
       abortSignal: options == null ? void 0 : options.abortSignal
     });
     if (!response.ok) {
+      await cancelResponseBody(response);
       throw new DownloadError({
         url,
         statusCode: response.status,
@@ -764,7 +777,7 @@ function withUserAgentSuffix(headers, ...userAgentSuffixParts) {
 }
 
 // src/version.ts
-var VERSION = true ? "4.0.29" : "0.0.0-test";
+var VERSION = true ? "4.0.30" : "0.0.0-test";
 
 // src/get-from-api.ts
 var getOriginalFetch = () => globalThis.fetch;
@@ -2886,6 +2899,7 @@ var import_stream2 = require("eventsource-parser/stream");
   EventSourceParserStream,
   VERSION,
   asSchema,
+  cancelResponseBody,
   combineHeaders,
   convertAsyncIteratorToReadableStream,
   convertBase64ToUint8Array,