fix(security): Add ReadHeaderTimeout to pprof server to mitigate G112

Signed-off-by: grzesuav <grzesuav@gmail.com>
grzesuav · Jul 21, 2022 · a11059f · a11059f
1 parent aaedd7e
commit a11059f
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/pkg/profile/pprof_profiler.go b/pkg/profile/pprof_profiler.go
@@ -7,6 +7,7 @@ import (
 	_ "net/http/pprof"
 	"os"
 	"os/signal"
+	"time"
 )
 
 func EnablePprof(address string) <-chan struct{} {
@@ -32,7 +33,11 @@ func EnablePprof(address string) <-chan struct{} {
 	logging.Logger.V(4).Info("enabling pprof", "address", address)
 	pprofMux := http.DefaultServeMux
 	http.DefaultServeMux = http.NewServeMux()
-	server := &http.Server{Addr: address, Handler: pprofMux}
+	server := &http.Server{
+		Addr:              address,
+		Handler:           pprofMux,
+		ReadHeaderTimeout: 30 * time.Second,
+	}
 	pprofStopChan := make(chan struct{})
 
 	go func() {