Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Prevent overflow and panic on large HTTP responses #1351

merged 1 commit into from Jul 29, 2022

Prevent overflow and panic on large HTTP responses #1351

merged 1 commit into from Jul 29, 2022


Copy link

@lpar lpar commented Jul 28, 2022

The round2 function in http.go didn't check for overflow when converting a uint32 value +1 to an int. As a result, it could return 0 for large values, and hence attempting to handle a large response could result in a panic:

panic: runtime error: slice bounds out of range [:2930135446] with capacity 0

goroutine 36966 [running]:, {0xa49b78?, 0x0?, 0x0?}, 0xa49b78?)
	/home/meta/go/pkg/mod/ +0x214, 0xc0403869c0?, 0xc02ef77cd0?, {0xa49b78?, 0xc02ef77cd0?, 0x6918e5?})
	/home/meta/go/pkg/mod/ +0x5d*Response).ReadBody(0xc00060ab60, 0xc0403869c0?, 0x0?)
	/home/meta/go/pkg/mod/ +0x186*Response).ReadLimitBody(0xc00060ab60, 0x7d7a98?, 0xc03ed69880?)
	/home/meta/go/pkg/mod/ +0xd8*HostClient).doNonNilReqResp(0xc001c47d40, 0xc000628a80, 0xc00060ab60)
	/home/meta/go/pkg/mod/ +0x570*HostClient).do(0xc0437abce0?, 0x0?, 0xc00060ab60)
	/home/meta/go/pkg/mod/ +0x79*HostClient).Do(0xc001c47d40, 0xc000628a80, 0xc0437abce0?)
	/home/meta/go/pkg/mod/ +0x91*Client).Do(0xc0000dc900, 0xc000628a80, 0x0?)
	/home/meta/go/pkg/mod/ +0x59f
	/home/meta/go/pkg/mod/ +0x79
created by
	/home/meta/go/pkg/mod/ +0x46d

This patch fixes round2 to return a maximum value of math.MaxInt32, which seems to make sense given that the calculation is done using a uint32, and you probably don't want a bigger buffer than that even on 64 bit systems.

@erikdubbelboer erikdubbelboer merged commit 42f83c6 into valyala:master Jul 29, 2022
14 checks passed
Copy link


bbenzikry pushed a commit to bbenzikry/fasthttp that referenced this pull request Sep 11, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
None yet

Successfully merging this pull request may close these issues.

None yet

2 participants