net/http: make startBackgroundRead panic if hijacked

Fixes #20933

Change-Id: I827c8d265674a7448c51c1da991e9b3b4501ba11
Reviewed-on: https://go-review.googlesource.com/59850
Run-TryBot: Tom Bergan <tombergan@google.com>
Reviewed-by: Tom Bergan <tombergan@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>

diff --git a/src/net/http/server.go b/src/net/http/server.go
index 9b3efecb59c26390a3d6994c988af464cd7f7e91..d29d3a462a4f3af79bca578c717260a56229146d 100644 (file)
--- a/src/net/http/server.go
+++ b/src/net/http/server.go
@@ -729,6 +729,9 @@ func (cr *connReader) Read(p []byte) (n int, err error) {
        cr.lock()
        if cr.inRead {
                cr.unlock()
+               if cr.conn.hijacked() {
+                       panic("invalid Body.Read call. After hijacked, the original Request must not be used")
+               }
                panic("invalid concurrent Body.Read call")
        }
        if cr.hitReadLimit() {