@grpc/grpc-js can allocate memory for incoming messages well above configured limits
There are two separate code paths in which memory can be allocated per message in excess of the grpc.max_receive_message_length channel option: If an incoming message has a size on the wire greater than the configured limit, the entire message is buffered before it is discarded. If an incoming message has a size within the limit on the wire but decompresses to a size greater than the limit, the entire message …