Closed
Description
What version of Go are you using (go version
)?
$ go version go version go1.16.2 linux/amd64
Does this issue reproduce with the latest release?
Affirmative.
What operating system and processor architecture are you using (go env
)?
go env
Output
$ go env
What did you do?
Passed n
< -1 to the MaxBytesReader
constructor.
https://play.golang.org/p/aFTkl-eFmOZ
It won't compile in the playground, not sure why (timeout running go build
).
What did you expect to see?
An error; behaviour similar to how io.LimitReader
behaves (https://play.golang.org/p/ZcUjYXNlGgR).
What did you see instead?
panic: runtime error: slice bounds out of range [:-1]
goroutine 1 [running]:
net/http.(*maxBytesReader).Read(0xc000121f40, 0xc000022350, 0x4, 0x4, 0xc000048710, 0x44164a, 0xc000026000)
/usr/local/go/src/net/http/request.go:1147 +0x206
...
The fix would be pretty simple, although far from an elegant one:
func MaxBytesReader(w http.ResponseWriter, r io.ReadCloser, n int64) io.ReadCloser {
+ if n < -1 {
+ return &maxBytesReader{w: w, r: r, n: -1}
+ }
return &maxBytesReader{w: w, r: r, n: n}
}
It was a bit unexpected for me, and if it's indeed an unexpected behaviour, I can work on this and provide some fix.