valyala/fasthttp

It is not safe to read all stream body to memory without a max size limit.

Open

#1.765 aberto em 23 de abr. de 2024

Ver no GitHub
 (8 comments) (0 reactions) (0 assignees)Go (1.755 forks)batch import
help wanted

Métricas do repositório

Stars
 (21.741 stars)
Métricas de merge de PR
 (Mesclagem média 1d 11h) (34 fundiu PRs em 30d)

Description

https://github.com/valyala/fasthttp/blob/57b9352ad1cc93a0aaaa72b2130e03ace8a5b118/http.go#L427 I think it would be safe to stop reading the request body into memory and return an error when it exceeds the maximum request body size. Otherwise, it may lead to an out-of-memory (OOM) error when the request body is too large.

Guia do colaborador