Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: client panic on missing digest value #633

Merged
merged 1 commit into from Mar 21, 2023
Merged

fix: client panic on missing digest value #633

merged 1 commit into from Mar 21, 2023

Conversation

segevda
Copy link
Contributor

@segevda segevda commented Mar 20, 2023

After splitting key=value pairs, we check that there are really key AND value. A maliciously crafted response header can cause the client to panic.

@segevda
fix: client panic on missing digest value
c3ae2b7 
After splitting key=value pairs, we check that there are really key AND
value. A maliciously crafted response header can cause the client to
panic.
@codecov
Copy link

codecov bot commented Mar 20, 2023

Codecov Report

Merging #633 (c3ae2b7) into master (38b1644) will increase coverage by 0.00%.
The diff coverage is 100.00%.

@@           Coverage Diff           @@
##           master     #633   +/-   ##
=======================================
  Coverage   95.83%   95.83%           
=======================================
  Files          11       11           
  Lines        1559     1561    +2     
=======================================
+ Hits         1494     1496    +2     
  Misses         40       40           
  Partials       25       25
Impacted Files Coverage Δ
digest.go 95.65% <100.00%> (+0.06%) ⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

jeevatkm
jeevatkm approved these changes Mar 21, 2023
View reviewed changes
Copy link
Member

@jeevatkm jeevatkm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@segevda Thanks for the PR.

@jeevatkm jeevatkm added the bug label Mar 21, 2023
@jeevatkm jeevatkm added this to the v2.8.0 Milestone milestone Mar 21, 2023
@jeevatkm jeevatkm merged commit ad31b9f into go-resty:master Mar 21, 2023
5 checks passed
@bboreham bboreham mentioned this pull request Nov 2, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jeevatkm jeevatkm jeevatkm approved these changes

Assignees

@segevda segevda

Labels
bug
Milestone
v2.8.0 Milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@segevda @jeevatkm