From d7430eb92171f6066745705090cf617b3eea3870 Mon Sep 17 00:00:00 2001
From: Sergey <xxsmotur@gmail.com>
Date: Mon, 4 Feb 2019 11:03:27 +0500
Subject: [PATCH] SessionRead: check of the length for input sid variable

---
 session/sess_file.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/session/sess_file.go b/session/sess_file.go
index c089dade..db143522 100644
--- a/session/sess_file.go
+++ b/session/sess_file.go
@@ -19,6 +19,7 @@ import (
 	"io/ioutil"
 	"net/http"
 	"os"
+	"errors"
 	"path"
 	"path/filepath"
 	"strings"
@@ -131,6 +132,9 @@ func (fp *FileProvider) SessionRead(sid string) (Store, error) {
 	if strings.ContainsAny(sid, "./") {
 		return nil, nil
 	}
+	if len(sid) < 2 {
+		return nil, errors.New("length of the sid is less than 2")
+	}
 	filepder.lock.Lock()
 	defer filepder.lock.Unlock()