1
0
mirror of https://github.com/golang/go synced 2024-11-13 17:20:22 -07:00

net/textproto: turn an ancient DoS BUG annotation into a comment

Actually fixing this "bug" would be weird, since io.LimitReader already
does what we need, as demonstrated by net/http's use.

Thanks to @davidfstr for pointing this out.

Change-Id: If707bcc698d1666a369b39ddfa9770685fbe3879
Reviewed-on: https://go-review.googlesource.com/1579
Reviewed-by: Rob Pike <r@golang.org>
This commit is contained in:
Brad Fitzpatrick 2014-12-16 14:06:53 +11:00
parent df1739c77d
commit 3185f8620c

View File

@ -13,10 +13,6 @@ import (
"strings"
)
// BUG(rsc): To let callers manage exposure to denial of service
// attacks, Reader should allow them to set and reset a limit on
// the number of bytes read from the connection.
// A Reader implements convenience methods for reading requests
// or responses from a text protocol network connection.
type Reader struct {
@ -26,6 +22,10 @@ type Reader struct {
}
// NewReader returns a new Reader reading from r.
//
// To avoid denial of service attacks, the provided bufio.Reader
// should be reading from an io.LimitReader or similar Reader to bound
// the size of responses.
func NewReader(r *bufio.Reader) *Reader {
return &Reader{R: r}
}