mirror of
https://github.com/golang/go
synced 2024-11-13 17:20:22 -07:00
net/textproto: turn an ancient DoS BUG annotation into a comment
Actually fixing this "bug" would be weird, since io.LimitReader already does what we need, as demonstrated by net/http's use. Thanks to @davidfstr for pointing this out. Change-Id: If707bcc698d1666a369b39ddfa9770685fbe3879 Reviewed-on: https://go-review.googlesource.com/1579 Reviewed-by: Rob Pike <r@golang.org>
This commit is contained in:
parent
df1739c77d
commit
3185f8620c
@ -13,10 +13,6 @@ import (
|
||||
"strings"
|
||||
)
|
||||
|
||||
// BUG(rsc): To let callers manage exposure to denial of service
|
||||
// attacks, Reader should allow them to set and reset a limit on
|
||||
// the number of bytes read from the connection.
|
||||
|
||||
// A Reader implements convenience methods for reading requests
|
||||
// or responses from a text protocol network connection.
|
||||
type Reader struct {
|
||||
@ -26,6 +22,10 @@ type Reader struct {
|
||||
}
|
||||
|
||||
// NewReader returns a new Reader reading from r.
|
||||
//
|
||||
// To avoid denial of service attacks, the provided bufio.Reader
|
||||
// should be reading from an io.LimitReader or similar Reader to bound
|
||||
// the size of responses.
|
||||
func NewReader(r *bufio.Reader) *Reader {
|
||||
return &Reader{R: r}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user