bug說明及分析
Gin master分支在20190602-20190612期間的版本,存在通過c.PostForm獲取form中的參數有誤的bug。
此bug在有一定併發時,由於複用之前的連接而未清除之前的緩存,導致獲取的參數爲舊參數。
type Context struct {
...
// formCache use url.ParseQuery cached PostForm contains the parsed form data from POST, PATCH,
// or PUT body parameters.
formCache url.Values
}
func (c *Context) reset() {
c.Writer = &c.writermem
c.Params = c.Params[0:0]
c.handlers = nil
c.index = -1
c.fullPath = ""
c.Keys = nil
c.Errors = c.Errors[0:0]
c.Accepted = nil
c.queryCache = nil
//此處未重置formCache
}
func (c *Context) getFormCache() {
if c.formCache == nil {
c.formCache = make(url.Values)
req := c.Request
if err := req.ParseMultipartForm(c.engine.MaxMultipartMemory); err != nil {
if err != http.ErrNotMultipart {
debugPrint("error on parse multipart form array: %v", err)
}
}
c.formCache = req.PostForm
}
}
bug修復歷史
具體修復歷史見:此處
建議
更新gin至最新即可,如果無法更新,則建議使用c.Request.PostFormValue(key)代替c.PostForm(key)