| commit | 07e05fd6e95ab445ebe48840c81a027dbace3b8e | [log] [tgz] |
|---|---|---|
| author | Nikita Sivukhin <sivukhin@sharechat.co> | Fri Jan 05 11:25:21 2024 +0400 |
| committer | Gopher Robot <gobot@golang.org> | Wed Jan 10 15:35:37 2024 +0000 |
| tree | e0e4f96a0cc311fc9b10de4dd0de88c04d1919af | |
| parent | 26b646ea024741dd5d8e141fc33d8149c465686a [diff] |
http2: remove suspicious uint32->v conversion in frame code Function maxHeaderStringLen(...) uses uint32(int(v)) == v check to validate if length will fit in the int type. This check is a no-op on any architecture because int type always has at least 32 bits, so we can potentially encounter negative return values from maxHeaderStringLen(...) function. This can be bad as this outcome clearly breaks code intention and maybe some further code invariants. This patch replaces uint32(int(v)) == v check with more robust and simpler int(v) > 0 validation which is correct for our case when we operating with uint32 Fixes golang/go#64961 Change-Id: I31f95709df9d25593ade3200696ac5cef9f88652 Reviewed-on: https://go-review.googlesource.com/c/net/+/554235 Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
This repository holds supplementary Go networking libraries.
The easiest way to install is to run go get -u golang.org/x/net. You can also manually git clone the repository to $GOPATH/src/golang.org/x/net.
This repository uses Gerrit for code changes. To learn how to submit changes to this repository, see https://golang.org/doc/contribute.html. The main issue tracker for the net repository is located at https://github.com/golang/go/issues. Prefix your issue with “x/net:” in the subject line, so it is easy to find.