net/http: panic: runtime error: index out of range (when using a faulty proxy server) #22179
Comments
|
Thank you for the report @derlaft. This issue is a duplicate of #21701 and there is a CL and test ready for it, we just need to test out the code on Windows and then we'll be ready to merge and fix it. /cc @tombergan |
|
Thank you. Sorry for the dupe -- I checked the issues before posting, but not carefully enough. |
|
That's alright @derlaft, it wasn't an obvious duplicate at all, I too had to double check and it is only by familiarity of that issue that I recalled it :) |
|
@derlaft please get the latest from master, this bug was fixed by CL https://go-review.googlesource.com/c/59990/ that was merged already. Thank you for your report. |
|
How can I apply these patch to Go official package or must build Go from scratch? |
|
@anhhh11 you can take a look at https://golang.org/dl/#unstable or you can build from source as per https://golang.org/doc/install/source |
|
@odeke-em seemly i meet the same issue with go 1.9.3 on Windows, didn't it be fixed yet? |
|
@missdeer it is fixed on Go1.10 and beyond, please try out Go1.10rc1 as per the comments on #22179 (comment) |
What version of Go are you using (
go version)?go1.9, problem exists in the master branch
Does this issue reproduce with the latest release?
yes
What operating system and processor architecture are you using (
go env)?not related
What did you do?
use a faulty proxy server
What did you expect to see?
no panic, error is returned
What did you see instead?
a panic
The problem is in this line: https://github.com/golang/go/blob/master/src/net/http/transport.go#L1133
The slice size of f is not checked. Therefore, if resp.Status has no spaces, the following panic is generated instead of the error:
The text was updated successfully, but these errors were encountered: