GHSA-74m6-4hjp-7226: Klever-Go P2P MultiDataInterceptor leaks global throttler slots on malformed compressed batches (DoS)

The P2P MultiDataInterceptor starts throttled processing before it validates and decompresses a received batch. PreProcessMessage checks whether the global interceptor throttler can process the message and then calls StartProcessing(). After that point, ProcessReceivedMessage unmarshals the batch and enters the compressed-batch branch when b.IsCompressed is true. If b.Decompress() fails, the function logs the gzip error and returns immediately without calling EndProcessing().

This creates a permanent slot leak in the interceptor throttler. The normal successful path releases the slot only later in the asynchronous processing goroutine. Other validation error paths release the slot explicitly, but the decompression-error path does not. The impact is amplified because the same global throttler is shared by transaction multi-data interceptors, trie-node multi-data interceptors, and header interceptors. The hardcoded global capacity is 100, so a connected peer that can deliver 100 malformed compressed batch envelopes can cause later valid P2P interceptor processing on the affected node to fail with system busy until the process is restarted or the throttler state is otherwise reset.