From 0817bd8a27a685d309c0b0b3b5faca276e3a8eba Mon Sep 17 00:00:00 2001 From: ptrus Date: Thu, 23 Nov 2023 12:24:32 +0100 Subject: [PATCH] go/sgx/http: close response body on non-200 requests --- go/common/sgx/pcs/http.go | 1 + go/ias/http/http.go | 8 ++------ 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/go/common/sgx/pcs/http.go b/go/common/sgx/pcs/http.go index fa8d0138ec4..dfdf07f3927 100644 --- a/go/common/sgx/pcs/http.go +++ b/go/common/sgx/pcs/http.go @@ -75,6 +75,7 @@ func (hc *httpClient) doPCSRequest(ctx context.Context, u *url.URL, method, body "method", method, "url", u, ) + resp.Body.Close() return nil, fmt.Errorf("pcs: response status error: %s", http.StatusText(resp.StatusCode)) } diff --git a/go/ias/http/http.go b/go/ias/http/http.go index f32c75ead48..89ae0bab528 100644 --- a/go/ias/http/http.go +++ b/go/ias/http/http.go @@ -82,6 +82,7 @@ func (e *httpEndpoint) doIASRequest(ctx context.Context, method, uPath, bodyType } if resp.StatusCode != http.StatusOK { logger.Error("ias response status error", "status", http.StatusText(resp.StatusCode), "method", method, "url", u) + resp.Body.Close() return nil, fmt.Errorf("ias: response status error: %s", http.StatusText(resp.StatusCode)) } @@ -126,9 +127,6 @@ func (e *httpEndpoint) VerifyEvidence(ctx context.Context, evidence *api.Evidenc query = []string{iasAPIAVRTCBUpdateParam, iasAPIAVRTCBUpdateValueEarly} } resp, err := e.doIASRequest(ctx, http.MethodPost, iasAPIAttestationReportPath, "application/json", bytes.NewReader(reqPayload), query...) - if resp != nil { - defer resp.Body.Close() - } if err != nil { return nil, fmt.Errorf("ias: http POST failed: %w", err) } @@ -165,12 +163,10 @@ func (e *httpEndpoint) GetSigRL(ctx context.Context, epidGID uint32) ([]byte, er // Dispatch the request via HTTP. p := path.Join(iasAPISigRLPath, hex.EncodeToString(gid[:])) resp, err := e.doIASRequest(ctx, http.MethodGet, p, "", nil) - if resp != nil { - defer resp.Body.Close() - } if err != nil { return nil, fmt.Errorf("ias: http GET failed: %w", err) } + defer resp.Body.Close() // Extract and parse the SigRL. sigRL, err := io.ReadAll(resp.Body)