New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
net/http: http2 page fails on firefox/safari if pushing resources [1.21 backport] #63560
Labels
CherryPickApproved
Used during the release process for point releases
Milestone
Comments
gopherbot
added
the
CherryPickCandidate
Used during the release process for point releases
label
Oct 15, 2023
dr2chase
added
the
CherryPickApproved
Used during the release process for point releases
label
Oct 25, 2023
gopherbot
removed
the
CherryPickCandidate
Used during the release process for point releases
label
Oct 25, 2023
Change https://go.dev/cl/537996 mentions this issue: |
Change https://go.dev/cl/537957 mentions this issue: |
gopherbot
pushed a commit
to golang/net
that referenced
this issue
Oct 27, 2023
…push After CL 534215 was merged to fix a CVE it introduced an underflow when we try to decrement sc.curHandlers in handlerDone. The func startPush calls runHandler without incrementing curHandlers. Seems to only affect users of http.Pusher. For golang/go#63511 For golang/go#63560 Change-Id: Ic537c27c9945c2c2d4306ddb04e9527b65cee320 GitHub-Last-Rev: 249fe55 GitHub-Pull-Request: #197 Reviewed-on: https://go-review.googlesource.com/c/net/+/535595 Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Mauri de Souza Meneguzzo <mauri870@gmail.com> (cherry picked from commit 37479d6) Reviewed-on: https://go-review.googlesource.com/c/net/+/537957 Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
gopherbot
pushed a commit
that referenced
this issue
Oct 30, 2023
…/http2 After CL 534295 was merged to fix a CVE it introduced an underflow when we try to decrement sc.curHandlers in handlerDone. Pull in a fix from x/net/http2: http2: fix underflow in http2 server push https://go-review.googlesource.com/c/net/+/535595 For #63511 Fixes #63560 Change-Id: I5c678ce7dcc53635f3ad5e4999857cb120dfc1ab GitHub-Last-Rev: 587ffa3 GitHub-Pull-Request: #63561 Reviewed-on: https://go-review.googlesource.com/c/go/+/535575 Run-TryBot: Mauri de Souza Meneguzzo <mauri870@gmail.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: David Chase <drchase@google.com> Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> (cherry picked from commit 0046c14) Reviewed-on: https://go-review.googlesource.com/c/go/+/537996 Reviewed-by: Cherry Mui <cherryyz@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Closed by merging 434af85 to release-branch.go1.21. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@mauri870 requested issue #63511 to be considered for backport to the next 1.21 minor release.
The text was updated successfully, but these errors were encountered: