Fork of Go programming language with my patches. http://git.kilabit.info/go/atom?h=go1.16.9 2021-10-07T19:49:45Z 2021-10-07T19:49:45Z Michael Anthony Knyszek mknyszek@google.com 2021-10-07T18:45:12Z urn:sha1:c580180744e60d6c84fc0b59d634fcff01290780 Change-Id: I7328dd94a85b97ec8c3ecf4f56eca9c56a6d806e Reviewed-on: https://go-review.googlesource.com/c/go/+/354593 Trust: Michael Knyszek <mknyszek@google.com> Run-TryBot: Michael Knyszek <mknyszek@google.com> Reviewed-by: Heschi Kreinick <heschi@google.com> TryBot-Result: Go Bot <gobot@golang.org> 2021-10-07T14:55:06Z Michael Knyszek mknyszek@google.com 2021-09-02T20:51:59Z urn:sha1:4548fcc8dfd933c237f29bba6f90040a85922564 On Wasm, wasm_exec.js puts command line arguments at the beginning of the linear memory (following the "zero page"). Currently there is no limit for this, and a very long command line can overwrite the program's data section. Prevent this by limiting the command line to 4096 bytes, and in the linker ensuring the data section starts at a high enough address (8192). (Arguably our address assignment on Wasm is a bit confusing. This is the minimum fix I can come up with.) Thanks to Ben Lubar for reporting this issue. Change by Cherry Mui <cherryyz@google.com>. For #48797 Fixes #48799 Fixes CVE-2021-38297 Change-Id: I0f50fbb2a5b6d0d047e3c134a88988d9133e4ab3 Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1205933 Reviewed-by: Roland Shoemaker <bracewell@google.com> Reviewed-by: Than McIntosh <thanm@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/354591 Trust: Michael Knyszek <mknyszek@google.com> Reviewed-by: Heschi Kreinick <heschi@google.com> 2021-09-23T21:18:29Z Ian Lance Taylor iant@golang.org 2021-09-17T19:27:23Z urn:sha1:7d573240307331c2dc9edfbb11ebbaa6bc677e99 For #39807 For #48436 Fixes #48443 Change-Id: I75f82fd8738dd2f11f0c69b1230e1be1abc36024 Reviewed-on: https://go-review.googlesource.com/c/go/+/350730 Trust: Ian Lance Taylor <iant@golang.org> Trust: Daniel Martí <mvdan@mvdan.cc> Run-TryBot: Ian Lance Taylor <iant@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Daniel Martí <mvdan@mvdan.cc> (cherry picked from commit ba1c52d7d77724de4407572bd02421c36df3d78a) Reviewed-on: https://go-review.googlesource.com/c/go/+/351116 2021-09-15T23:27:54Z Ian Lance Taylor iant@golang.org 2021-08-20T23:55:04Z urn:sha1:552410fec2c662b8cc003c27b239d8b5bb11fcd7 When the adjustTimers function removed a timer it assumed it was sufficient to continue the heap traversal at that position. However, in some cases a timer will be moved to an earlier position in the heap. If that timer is timerModifiedEarlier, that can leave timerModifiedEarliest not correctly representing the earlier such timer. Fix the problem by restarting the heap traversal at the earliest changed position. For #47762 Fixes #47858 Change-Id: I152bbe62793ee40a680baf49967bcb89b1f94764 Reviewed-on: https://go-review.googlesource.com/c/go/+/343882 Trust: Ian Lance Taylor <iant@golang.org> Run-TryBot: Ian Lance Taylor <iant@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Michael Knyszek <mknyszek@google.com> (cherry picked from commit 2da3375e9b4980e368a8641f54cc53c4af4d1a12) Reviewed-on: https://go-review.googlesource.com/c/go/+/350000 2021-09-09T15:27:16Z Than McIntosh thanm@google.com 2021-09-09T14:05:55Z urn:sha1:170a72e58bd128b421f4b3974fe2a37fd035efdf Change-Id: I1926e1506e56fd0484bec71f7b43cee62e41b5b5 Reviewed-on: https://go-review.googlesource.com/c/go/+/348812 Run-TryBot: Than McIntosh <thanm@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com> Trust: Than McIntosh <thanm@google.com> 2021-09-09T13:49:11Z Ian Lance Taylor iant@golang.org 2021-05-03T23:32:52Z urn:sha1:021fc241c968d328559db8342549c52b9f91c967 This adds a new lock protecting "tmpl". This is a copy of https://golang.org/cl/257817 by Andreas Fleig, updated for current tip, and updated to start running the html/template TestEscapeRace test. Thanks to @bep for providing the test case. For #39807 Fixes #47042 Change-Id: Ic8874484290283a49116812eeaffb8608346dc70 Reviewed-on: https://go-review.googlesource.com/c/go/+/316669 Trust: Ian Lance Taylor <iant@golang.org> Run-TryBot: Ian Lance Taylor <iant@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> (cherry picked from commit 496d7c691481966fd6ea806205aa025698a172af) Reviewed-on: https://go-review.googlesource.com/c/go/+/348580 Reviewed-by: Emmanuel Odeke <emmanuel@orijtech.com> 2021-09-02T14:13:09Z Damien Neil dneil@google.com 2021-09-01T19:59:25Z urn:sha1:8226cb06aa44449a1b2f65dcfe87c4e9e2c45dbf For #47691. Change-Id: I6650fdfc78786fc47a54167bf2f9061422bbb343 Reviewed-on: https://go-review.googlesource.com/c/go/+/347031 Trust: Damien Neil <dneil@google.com> Run-TryBot: Damien Neil <dneil@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com> 2021-09-01T16:41:45Z Roland Shoemaker roland@golang.org 2021-08-18T18:49:29Z urn:sha1:6c480017ae600b2c90a264a922e041df04dfa785 If the indicated directory size in the archive header is so large that subtracting it from the archive size overflows a uint64, the check that the indicated number of files in the archive can be effectively bypassed. Prevent this from happening by checking that the indicated directory size is less than the size of the archive. Thanks to the OSS-Fuzz project for discovering this issue and to Emmanuel Odeke for reporting it. Fixes #47985 Updates #47801 Fixes CVE-2021-39293 Change-Id: Ifade26b98a40f3b37398ca86bd5252d12394dd24 Reviewed-on: https://go-review.googlesource.com/c/go/+/343434 Trust: Roland Shoemaker <roland@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Russ Cox <rsc@golang.org> (cherry picked from commit bacbc33439b124ffd7392c91a5f5d96eca8c0c0b) Reviewed-on: https://go-review.googlesource.com/c/go/+/345409 Reviewed-by: Emmanuel Odeke <emmanuel@orijtech.com> Run-TryBot: Emmanuel Odeke <emmanuel@orijtech.com> Trust: Cherry Mui <cherryyz@google.com> 2021-08-13T16:34:57Z Michael Pratt mpratt@google.com 2021-08-12T21:17:51Z urn:sha1:0d530843be0021aa56771c2f922e952beb190d97 On Linux ARMv6 and below runtime/internal/atomic.Cas calls into a kernel cas helper at a fixed address. If a SIGPROF arrives while executing the kernel helper, the sigprof lostAtomic logic will miss that we are potentially in the spinlock critical section, which could cause a deadlock when using atomics later in sigprof. For #47505 Fixes #47675 Change-Id: If8ba0d0fc47e45d4e6c68eca98fac4c6ed4e43c1 Reviewed-on: https://go-review.googlesource.com/c/go/+/341889 Trust: Michael Pratt <mpratt@google.com> Run-TryBot: Michael Pratt <mpratt@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com> TryBot-Result: Go Bot <gobot@golang.org> (cherry picked from commit 20a620fd9f7bc35739c1af3602d53808d0430814) Reviewed-on: https://go-review.googlesource.com/c/go/+/341853 2021-08-11T16:14:09Z Than McIntosh thanm@google.com 2021-02-19T15:34:55Z urn:sha1:d66b2112bd076e29349e1060e812a211a8fa9c32 Change the TestInstallationImporter testpoint to query type information for sort.Search instead of sort.Ints. The latter function changed recently (1.16 timeframe), parameter "a" is now "x". A better candidate for this sort of query is sort.Search, which has been stable for a while. Fixes #47610. Change-Id: I314476eac0b0802f86f5cbce32195cab2926db83 Reviewed-on: https://go-review.googlesource.com/c/go/+/294290 Trust: Than McIntosh <thanm@google.com> Run-TryBot: Than McIntosh <thanm@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> (cherry picked from commit 0f66fb7b856b02497cf801ce72d80f375f53358b) Reviewed-on: https://go-review.googlesource.com/c/go/+/340952