Fork of Go programming language with my patches. http://git.kilabit.info/go/atom?h=go1.10.8 2019-01-23T19:47:24Z 2019-01-23T19:47:24Z Julie Qiu julie@golang.org 2019-01-23T19:08:07Z urn:sha1:b0cb374daf646454998bac7b393f3236a2ab6aca Change-Id: Ie18399a328452f61b232a6929ecf53cb79306773 Reviewed-on: https://team-review.git.corp.google.com/c/400910 Reviewed-by: Filippo Valsorda <valsorda@google.com> 2019-01-23T19:05:45Z Ian Lance Taylor iant@golang.org 2019-01-11T22:26:24Z urn:sha1:ed3af1d472dad80cf070848917b80276ecb6a652 Fixes #29698 Change-Id: I0531c0a274b120af8871aa2f5975744ff6c912a3 Reviewed-on: https://go-review.googlesource.com/c/157638 Run-TryBot: Ian Lance Taylor <iant@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Reviewed-on: https://team-review.git.corp.google.com/c/401204 Reviewed-by: Filippo Valsorda <valsorda@google.com> 2019-01-23T17:57:18Z Julie Qiu julie@golang.org 2019-01-23T17:39:16Z urn:sha1:d4cad3c4b15a6364d8d98424ee264559f3dd5bdb Change-Id: I97ce42e1e9a6d10bf1eeccc2763e043d8ebe5bab Reviewed-on: https://team-review.git.corp.google.com/c/400906 Reviewed-by: Filippo Valsorda <valsorda@google.com> (cherry picked from commit efe766c7c0918da96aa21e1ac03a9d3fa57ca156) Reviewed-on: https://team-review.git.corp.google.com/c/400907 2019-01-23T17:28:54Z Filippo Valsorda filippo@golang.org 2019-01-22T21:02:41Z urn:sha1:d5f2dc6a5ca30590b121622af8f918d4484d4946 If beta8 is unusually large, the addition loop might take a very long time to bring x3-beta8 back positive. This would lead to a DoS vulnerability in the implementation of the P-521 and P-384 elliptic curves that may let an attacker craft inputs to ScalarMult that consume excessive amounts of CPU. This fixes CVE-2019-6486. Change-Id: Ia969e8b5bf5ac4071a00722de9d5e4d856d8071a Reviewed-on: https://team-review.git.corp.google.com/c/399777 Reviewed-by: Adam Langley <agl@google.com> Reviewed-by: Julie Qiu <julieqiu@google.com> (cherry picked from commit 746d6abe2dfb9ce7609f8e1e1a8dcb7e221f423e) Reviewed-on: https://team-review.git.corp.google.com/c/401143 Reviewed-by: Filippo Valsorda <valsorda@google.com> 2018-12-14T23:34:23Z Filippo Valsorda valsorda@google.com 2018-12-14T22:44:26Z urn:sha1:f5ff72d62301c4e9d0a78167fab5914ca12919bd Change-Id: Ic9020b53da56c34250801e996248edbd3a4c632e Reviewed-on: https://go-review.googlesource.com/c/154308 Run-TryBot: Filippo Valsorda <filippo@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> 2018-12-14T21:58:45Z Filippo Valsorda filippo@golang.org 2018-12-14T21:14:56Z urn:sha1:9a66eedd42a189b2bc13a613ea6237d15cace3a8 Change-Id: Id71aad4cf6149e0ba15f7fec0b74517827c37866 Reviewed-on: https://go-review.googlesource.com/c/154303 Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> (cherry picked from commit 84bf9ce1fbe7ae8424031550d9cf3fe6b27575e3) Reviewed-on: https://go-review.googlesource.com/c/154305 2018-12-14T20:07:16Z Filippo Valsorda filippo@golang.org 2018-12-14T19:53:47Z urn:sha1:a9ccbe0a69fdbede2ec51f7c2f04f202fab72bb9 This reverts commit d74e69c7553fcb1e057821a089dc4f2c60f42e5d. Reason for revert: this fix has been backported to 1.11, and that makes it ineligible for backport to 1.10, since upgrading to 1.11 is a valid workaround according to https://github.com/golang/go/wiki/MinorReleases. Also, this triggers a bug on Wasm that would require a backport of CL 149965, too. Updates #28688 Updates #28959 Change-Id: I4e56554ea27b5db83bdb1e9d2103dd24e3da8cfc Reviewed-on: https://go-review.googlesource.com/c/154297 Reviewed-by: Cherry Zhang <cherryyz@google.com> Run-TryBot: Cherry Zhang <cherryyz@google.com> 2018-12-14T18:48:54Z Milan Knezevic milan.knezevic@mips.com 2018-11-09T17:30:46Z urn:sha1:d74e69c7553fcb1e057821a089dc4f2c60f42e5d When using soft-float, OMUL might be rewritten to function call so we should ensure it was evaluated first. Updates #28688 Fixes #28959 Change-Id: I30b87501782fff62d35151f394a1c22b0d490c6c Reviewed-on: https://go-review.googlesource.com/c/148837 Run-TryBot: Cherry Zhang <cherryyz@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Cherry Zhang <cherryyz@google.com> (cherry picked from commit c92e73b70253f5d88c473a7ad6c5b8d61b2debb7) Reviewed-on: https://go-review.googlesource.com/c/151343 Reviewed-by: Filippo Valsorda <filippo@golang.org> 2018-12-14T18:37:24Z Bryan C. Mills bcmills@google.com 2018-12-14T02:42:33Z urn:sha1:25bee965c685e3f35c10076648685e22e59fd656 Previously, RepoRootForImportPath trimmed certain "..." wildcards from package patterns (even though its name suggests that the argument must be an actual import path). It trimmed at the first path element that was literally "..." (although wildcards in general may appear within a larger path element), and relied on a subsequent check in RepoRootForImportPath to catch confusing resolutions. However, that causes 'go get' with wildcard patterns in fresh paths to fail as of CL 154101: a wildcard pattern is not a valid import path, and fails the path check. (The existing Test{Vendor,Go}Get* packages in go_test.go and vendor_test.go catch the failure, but they are all skipped when the "-short" flag is set — including in all.bash — and we had forgotten to run them separately.) We now trim the path before any element that contains a wildcard, and perform the path check (and repo resolution) on only that prefix. It is possible that the expanded path after fetching the repo will be invalid, but a repository can contain directories that are not valid import paths in general anyway. Fixes #29247 Change-Id: I70fb2f7fc6603b7d339fd6c02e8cdeacfc93fc4b Reviewed-on: https://go-review.googlesource.com/c/154108 Reviewed-by: Russ Cox <rsc@golang.org> Reviewed-on: https://go-review.googlesource.com/c/154111 Run-TryBot: Bryan C. Mills <bcmills@google.com> Reviewed-by: Filippo Valsorda <filippo@golang.org> 2018-12-13T22:08:33Z Dmitri Shuralyov dmitshur@golang.org 2018-12-13T22:08:33Z urn:sha1:f40c04941aee1735de27bb2dcb71ebedba815953 Change-Id: I7048387350b683030d9f3106979370b0d096ea38