net/http: backport "multipart ReadForm close file after copy" to 1.7 #17965
Comments
CL https://golang.org/cl/33639 mentions this issue. |
gopherbot
pushed a commit
that referenced
this issue
Dec 1, 2016
…copy Always close the file regardless of whether the copy succeeds or fails. Pass along the close error if the copy succeeds Updates #16296 Fixes #17965 Change-Id: Ib394655b91d25750f029f17b3846d985f673fb50 Reviewed-on: https://go-review.googlesource.com/30410 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-on: https://go-review.googlesource.com/33639 Reviewed-by: Chris Broadfoot <cbro@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org>
Included in Go 1.6.4 via f0fa13b: |
mem
added a commit
to mem/oe-meta-go
that referenced
this issue
Jan 5, 2017
Fixes golang/go#17965 Always close the file regardless of whether the copy succeeds or fails. Pass along the close error if the copy succeeds Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
If we do another release of Go 1.7, back port:
Reportedly, it closes a potential DoS vector, exhausting a server's file descriptors.
/cc @broady @quentinmit
The text was updated successfully, but these errors were encountered: