valyala/fasthttp

It is not safe to read all stream body to memory without a max size limit.

Open

#1.765 geöffnet am 23. Apr. 2024

Auf GitHub ansehen
 (8 Kommentare) (0 Reaktionen) (0 zugewiesene Personen)Go (1.755 Forks)batch import
help wanted

Repository-Metriken

Stars
 (21.741 Stars)
PR-Merge-Metriken
 (Durchschn. Merge 1T 11h) (34 gemergte PRs in 30 T)

Beschreibung

https://github.com/valyala/fasthttp/blob/57b9352ad1cc93a0aaaa72b2130e03ace8a5b118/http.go#L427 I think it would be safe to stop reading the request body into memory and return an error when it exceeds the maximum request body size. Otherwise, it may lead to an out-of-memory (OOM) error when the request body is too large.

Contributor Guide