Always close the IMDS response body

AzureAD / microsoft-authentication-library-for-go

The MSAL library for Go is part of the Microsoft identity platform for developers (formerly named Azure AD) v2.0. It enables you to acquire security tokens to call protected APIs. It uses industry standard OAuth2 and OpenID Connect.

MIT License

218 stars 87 forks source link

Always close the IMDS response body #478

Closed qmuntal closed 1 month ago

qmuntal commented 2 months ago

The http.Response body should always be closed, even for non-200 status codes. Not doing so leaks the system resources associated to the body.

While here, associate the context passed in detectRegion to the http request. It was previously not being used.

sonarcloud[bot] commented 2 months ago

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

epelc commented 2 months ago

Can this get merged? It's a good fix. Adds context usage and fixes leaks.