valyala/fasthttp
View on GitHubIt is not safe to read all stream body to memory without a max size limit.
Open
#1,765 opened on Apr 23, 2024
help wanted
Repository metrics
- Stars
- (21,741 stars)
- PR merge metrics
- (Avg merge 1d 11h) (34 merged PRs in 30d)
Description
https://github.com/valyala/fasthttp/blob/57b9352ad1cc93a0aaaa72b2130e03ace8a5b118/http.go#L427 I think it would be safe to stop reading the request body into memory and return an error when it exceeds the maximum request body size. Otherwise, it may lead to an out-of-memory (OOM) error when the request body is too large.