Fix: SMB pivot session memory leak causing server OOM kill #340

Open
Cherno-x wants to merge 1 commit into Adaptix-Framework:main from Cherno-x:fix/smb-session-memory-leak

@Cherno-x

Summary

  • Fix data starvation-accumulation cycle in extractPivotTasks: ensure a minimum 64KB allocation per pivot child so SMB agent tasks can be extracted instead of accumulating indefinitely
  • Cap Queue capacity at 65536 items: drop oldest/newest items when full instead of unbounded resize(), preventing memory from growing without limit
  • Update LastTick for non-async agents (SMB/TCP) in TsAgentProcessData so the server can track their liveness and detect stale sessions
  • Add bounds check in SMB/TCP InternalHandler before slicing decrypted agent info data

Root Cause

When a parent HTTP agent checks in, extractPivotTasks passes lostSize = availableSize - usedSize to each SMB child. After packing the parent's own tasks, lostSize is often too small or near-zero, causing TsAgentGetHostedAll for the child to return empty. Meanwhile, TsAgentProcessData (triggered by COMMAND_PIVOT_EXEC) keeps generating new response tasks that get queued into the child's HostedTasks. These tasks are never extracted and accumulate indefinitely, causing the Queue to grow without bound until the server is OOM-killed.

Additionally, non-async agents (SMB/TCP) never get their LastTick updated, preventing the server from detecting and cleaning up dead sessions.

Testing

  • Started teamserver with HTTP + SMB listeners
  • Launched HTTP agent, linked 2 SMB pivot sessions
  • Monitored server memory over extended period: stable at ~80MB (0.4% of 15GB)
  • Previously, the same scenario would consume all available memory until OOM kill

Files Changed

| File | Change |
|------|--------|
| core/server/ts_tasks.go | Minimum pivot data allocation (64KB) + skip empty data |
| core/utils/safe/queue.go | Max capacity limit (65536) + bounded Push/PushFront |
| core/server/ts_agent.go | LastTick update for non-async agents |
| extenders/beacon_listener_smb/pl_main.go | Bounds check on decrypted data |
| extenders/beacon_listener_tcp/pl_main.go | Bounds check on decrypted data |

🤖 Generated with Claude Code

When SMB pivot sessions are active, the server's memory grows
unboundedly until the OS kills the process. Root cause is a
data starvation-accumulation cycle in extractPivotTasks.

- extractPivotTasks: ensure minimum 64KB allocation per pivot
  child so tasks can be extracted instead of accumulating
- Queue: cap capacity at 65536 items, drop oldest/newest
  when full instead of unbounded resize
- TsAgentProcessData: update LastTick for non-async (SMB/TCP)
  agents so the server can track their liveness
- SMB/TCP InternalHandler: add bounds check before slicing
  decrypted agent info

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
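
A small Go model of the starvation-accumulation cycle described in the root cause above, added here as an illustration; it is not code from the pull request or from Adaptix. The type and function names, the drop-oldest policy and every numeric input other than the 64KB floor and the 65536 cap are assumptions.

```go
package main

import "fmt"

const (
	minPivotBudget = 64 * 1024 // per-child floor named in the PR summary
	maxQueueItems  = 65536     // queue cap named in the PR summary
)

// childQueue holds the byte sizes of tasks waiting for one pivot child.
type childQueue struct{ tasks []int }

// push appends a task; when capped and full it drops the oldest (assumed policy).
func (q *childQueue) push(size int, capped bool) {
	if capped && len(q.tasks) >= maxQueueItems {
		q.tasks = q.tasks[1:]
	}
	q.tasks = append(q.tasks, size)
}

// extract removes tasks from the front while they still fit in budget.
func (q *childQueue) extract(budget int) {
	for len(q.tasks) > 0 && q.tasks[0] <= budget {
		budget -= q.tasks[0]
		q.tasks = q.tasks[1:]
	}
}

// simulate returns the child's backlog; fixed=true applies the floor and the cap.
func simulate(cycles, available, parentUsed, perCycle, taskSize int, fixed bool) int {
	q := &childQueue{}
	for i := 0; i < cycles; i++ {
		for j := 0; j < perCycle; j++ {
			q.push(taskSize, fixed) // responses queued between check-ins
		}
		lostSize := available - parentUsed // what the parent left over
		if fixed && lostSize < minPivotBudget {
			lostSize = minPivotBudget
		}
		q.extract(lostSize)
	}
	return len(q.tasks)
}

func main() {
	// Constructed numbers: 1 MiB reply, parent leaves 16 bytes, 4 x 512 B tasks.
	fmt.Println("before:", simulate(1000, 1<<20, 1<<20-16, 4, 512, false))
	fmt.Println("after: ", simulate(1000, 1<<20, 1<<20-16, 4, 512, true))
}
```

In this model the floor alone drains the backlog when tasks fit within 64KB; the cap is what bounds the queue when a task is larger than the floor and can never be extracted.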