net/http: don't panic on very large MaxBytesReaderLimit

Fixes #54408

Change-Id: I454199ae5bcd087b8fc4169b7622412105e71113
GitHub-Last-Rev: a33fe7e206d0c394440962acd360df3aa9b117c3
GitHub-Pull-Request: golang/go#54415
Reviewed-on: https://go-review.googlesource.com/c/go/+/423314
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
Run-TryBot: xie cui <523516579@qq.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-by: hopehook <hopehook@qq.com>

2 files changed, 8 insertions, 1 deletions

diff --git a/src/net/http/request.go b/src/net/http/request.go
index a03a54b943..924ca1b390 100644
--- a/src/net/http/request.go
+++ b/src/net/http/request.go
@@ -1169,7 +1169,8 @@ func (l *maxBytesReader) Read(p []byte) (n int, err error) {
 	// If they asked for a 32KB byte read but only 5 bytes are
 	// remaining, no need to read 32KB. 6 bytes will answer the
 	// question of the whether we hit the limit or go past it.
-	if int64(len(p)) > l.n+1 {
+	// 0 < len(p) < 2^63
+	if int64(len(p))-1 > l.n {
 		p = p[:l.n+1]
 	}
 	n, err = l.r.Read(p)
diff --git a/src/net/http/request_test.go b/src/net/http/request_test.go
index ce673d34a2..672c01c387 100644
--- a/src/net/http/request_test.go
+++ b/src/net/http/request_test.go
@@ -982,6 +982,12 @@ func TestMaxBytesReaderDifferentLimits(t *testing.T) {
 			wantN:   len(testStr),
 			wantErr: false,
 		},
+		10: { /* Issue 54408 */
+			limit:   int64(1<<63-1),
+			lenP:    len(testStr),
+			wantN:   len(testStr),
+			wantErr: false,
+		},
 	}
 	for i, tt := range tests {
 		rc := MaxBytesReader(nil, io.NopCloser(strings.NewReader(testStr)), tt.limit)