Server DOS attack via large buffer input

Currently, if a client creates a buffer with a very large size (e.g., buffer.create(1000000)) and sends it to the server, the server attempts to parse the entire buffer within a loop. This can cause severe performance issues or even crash the server.

[1Axen]

This is a know issue, but it's out of blink's security scope. For what it's worth I have plans to mitigate this as part of the ongoing rewrite.