path: root/src/runtime/mbitmap_allocheaders.go
author: Damien Neil <dneil@google.com> 2023-11-07 10:47:56 -0800
committer: Carlos Amedee <carlos@golang.org> 2023-12-05 17:17:59 +0000
commit: 285ef16b3872faccb877abaef5e481a630acdaf2 (patch)
tree: 51c5f4dcd7842d4d7e8adaacbea2cb0a6a104fd7 /src/runtime/mbitmap_allocheaders.go
parent: 16d3040a84be821d801b75bd1a3d8ab4cc89ee36 (diff)
net/http: limit chunked data overhead

The chunked transfer encoding adds some overhead to the content transferred. When writing one byte per chunk, for example, there are five bytes of overhead per byte of data transferred: "1\r\nX\r\n" to send "X".

Chunks may include "chunk extensions", which we skip over and do not use. For example: "1;chunk extension here\r\nX\r\n".

A malicious sender can use chunk extensions to add about 4k of overhead per byte of data. (The maximum chunk header line size we will accept.)

Track the amount of overhead read in chunked data, and produce an error if it seems excessive.

Fixes #64433
Fixes CVE-2023-39326

Change-Id: I40f8d70eb6f9575fb43f506eb19132ccedafcf39
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2076135
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Roland Shoemaker <bracewell@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/547335
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>

Diffstat (limited to 'src/runtime/mbitmap_allocheaders.go')
0 files changed, 0 insertions, 0 deletions
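
The overhead tracking described in the commit message, sketched as an added example; this is not the code from the commit, whose diff is not shown on this page. The decoder charges every chunk header line against a per-chunk allowance and fails once the accumulated excess passes a cap. The names `ReadChunked` and `ErrOverhead` and the constants `maxLine`, `perChunk` and `maxExcess` are assumptions of this example.

```go
package main

import (
	"bufio"
	"errors"
	"fmt"
	"io"
	"strconv"
	"strings"
)

// Budget assumed for this example, not taken from the commit.
const maxLine, perChunk, maxExcess = 4096, 16, 16 << 10
var ErrOverhead = errors.New("too much chunk framing overhead")

// ReadChunked decodes a chunked body and rejects it when framing dominates data.
func ReadChunked(r io.Reader) (data []byte, err error) {
	br := bufio.NewReaderSize(r, maxLine) // ReadSlice fails on longer header lines
	var excess int64
	for {
		raw, err := br.ReadSlice('\n')
		if err != nil {
			return data, fmt.Errorf("chunk header: %w", err)
		}
		size, _, _ := strings.Cut(strings.TrimRight(string(raw), "\r\n"), ";") // skip extensions
		n, err := strconv.ParseUint(strings.TrimSpace(size), 16, 16) // caps chunks at 64 KiB
		if err != nil {
			return data, fmt.Errorf("chunk size: %w", err)
		}
		if excess += int64(len(raw)) + 2 - perChunk - 2*int64(n); excess < 0 { // charge, then credit
			excess = 0
		}
		if excess > maxExcess {
			return data, ErrOverhead
		}
		if n == 0 {
			return data, nil // trailers are not parsed in this example
		}
		buf := make([]byte, n+2)
		if _, err := io.ReadFull(br, buf); err != nil || string(buf[n:]) != "\r\n" {
			return data, errors.New("malformed chunk")
		}
		data = append(data, buf[:n]...)
	}
}

func main() { // constructed input: ten one-byte chunks, each with a 4000-byte extension
	in := strings.Repeat("1;"+strings.Repeat("a", 4000)+"\r\nX\r\n", 10) + "0\r\n\r\n"
	fmt.Println(ReadChunked(strings.NewReader(in)))
}
```

Ordinary one-byte chunks never accrue excess under this budget, so small legitimate chunks still decode however many there are.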