Fork of Go programming language with my patches. http://git.kilabit.info/go/atom?h=go1.20.5 2023-06-06T17:39:34Z 2023-06-06T17:39:34Z Gopher Robot gobot@golang.org 2023-06-06T17:16:37Z urn:sha1:e827d41c0a2ea392c117a790cdfed0022e419424 Change-Id: I8c6b2a71eef157558ef428782211c3feba4fd03a Reviewed-on: https://go-review.googlesource.com/c/go/+/501238 Auto-Submit: Gopher Robot <gobot@golang.org> Reviewed-by: Michael Knyszek <mknyszek@google.com> Run-TryBot: Gopher Robot <gobot@golang.org> Reviewed-by: David Chase <drchase@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> 2023-06-06T17:03:01Z Bryan C. Mills bcmills@google.com 2023-05-12T18:15:16Z urn:sha1:c0ed873cd8259f16d0da67eee783fda49f45ef61 Directory or file paths containing newlines may cause tools (such as cmd/cgo) that emit "//line" or "#line" -directives to write part of the path into non-comment lines in generated source code. If those lines contain valid Go code, it may be injected into the resulting binary. (Note that Go import paths and file paths within module zip files already could not contain newlines.) Thanks to Juho Nurminen of Mattermost for reporting this issue. Updates #60167. Fixes #60516. Fixes CVE-2023-29402. Change-Id: Ic3c7d8d1f6460993bd93a27035d61bff7dd68832 Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1882606 Reviewed-by: Roland Shoemaker <bracewell@google.com> Run-TryBot: Roland Shoemaker <bracewell@google.com> Reviewed-by: Russ Cox <rsc@google.com> Reviewed-by: Damien Neil <dneil@google.com> (cherry picked from commit 41f9046495564fc728d6f98384ab7276450ac7e2) Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1902230 Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1904347 Reviewed-by: Bryan Mills <bcmills@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/501222 Run-TryBot: David Chase <drchase@google.com> Auto-Submit: Michael Knyszek <mknyszek@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> 2023-06-06T17:03:00Z Roland Shoemaker bracewell@google.com 2023-05-05T20:10:34Z urn:sha1:356a419e2f811b65d227abcea1a346f8dcb154e0 Enforce that linker flags which expect arguments get them, otherwise it may be possible to smuggle unexpected flags through as the linker can consume what looks like a flag as an argument to a preceding flag (i.e. "-Wl,-O -Wl,-R,-bad-flag" is interpreted as "-O=-R -bad-flag"). Also be somewhat more restrictive in the general format of some flags. Thanks to Juho Nurminen of Mattermost for reporting this issue. Updates #60305 Fixes #60512 Fixes CVE-2023-29404 Change-Id: I5989f68d21a8851d8edd47f08550850524ee9180 Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1876275 Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Damien Neil <dneil@google.com> (cherry picked from commit 896779503cf754cbdac24b61d4cc953b50fe2dde) Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1902226 TryBot-Result: Security TryBots <security-trybots@go-security-trybots.iam.gserviceaccount.com> Run-TryBot: Roland Shoemaker <bracewell@google.com> Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1904346 Reviewed-by: Michael Knyszek <mknyszek@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/501221 Run-TryBot: David Chase <drchase@google.com> Auto-Submit: Michael Knyszek <mknyszek@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> 2023-06-06T17:02:02Z Ian Lance Taylor iant@golang.org 2023-05-04T21:06:39Z urn:sha1:fa60c381ed06c12f9c27a7b50ca44c5f84f7f0f4 The flags that we recorded in _cgo_flags did not use any quoting, so a flag containing embedded spaces was mishandled. Change the _cgo_flags format to put each flag on a separate line. That is a simple format that does not require any quoting. As far as I can tell only cmd/go uses _cgo_flags, and it is only used for gccgo. If this patch doesn't cause any trouble, then in the next release we can change to only using _cgo_flags for gccgo. Thanks to Juho Nurminen of Mattermost for reporting this issue. Updates #60306 Fixes #60514 Fixes CVE-2023-29405 Change-Id: I36b6e188a44c80d7b9573efa577c386770bd2ba3 Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1875094 Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Roland Shoemaker <bracewell@google.com> (cherry picked from commit bcdfcadd5612212089d958bc352a6f6c90742dcc) Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1902228 Run-TryBot: Roland Shoemaker <bracewell@google.com> TryBot-Result: Security TryBots <security-trybots@go-security-trybots.iam.gserviceaccount.com> Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1904345 Reviewed-by: Michael Knyszek <mknyszek@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/501220 TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: David Chase <drchase@google.com> Auto-Submit: Michael Knyszek <mknyszek@google.com> 2023-06-06T17:01:31Z Roland Shoemaker bracewell@google.com 2023-05-09T18:47:57Z urn:sha1:36144ba429ef2650940c72e7a0b932af3612d420 On Unix platforms, the runtime previously did nothing special when a program was run with either the SUID or SGID bits set. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. Taking cues from glibc, this change implements a set of protections when a binary is run with SUID or SGID bits set (or is SUID/SGID-like). On Linux, whether to enable these protections is determined by whether the AT_SECURE flag is passed in the auxiliary vector. On platforms which have the issetugid syscall (the BSDs, darwin, and Solaris/Illumos), that is used. On the remaining platforms (currently only AIX) we check !(getuid() == geteuid() && getgid == getegid()). Currently when we determine a binary is "tainted" (using the glibc terminology), we implement two specific protections: 1. we check if the file descriptors 0, 1, and 2 are open, and if they are not, we open them, pointing at /dev/null (or fail). 2. we force GOTRACKBACK=none, and generally prevent dumping of trackbacks and registers when a program panics/aborts. In the future we may add additional protections. This change requires implementing issetugid on the platforms which support it, and implementing getuid, geteuid, getgid, and getegid on AIX. Thanks to Vincent Dehors from Synacktiv for reporting this issue. Updates #60272 Fixes #60518 Fixes CVE-2023-29403 Change-Id: Icb620f3f8755791d51b02b5c07fb24f40e19cb80 Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1878434 Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> Run-TryBot: Roland Shoemaker <bracewell@google.com> Reviewed-by: Russ Cox <rsc@google.com> (cherry picked from commit 87065663ea6d89cd54f65a515d8f2ed0ef285c19) Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1902232 TryBot-Result: Security TryBots <security-trybots@go-security-trybots.iam.gserviceaccount.com> Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1904344 Reviewed-by: Michael Knyszek <mknyszek@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/501227 TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: David Chase <drchase@google.com> Auto-Submit: Michael Knyszek <mknyszek@google.com> 2023-05-30T19:39:43Z Bryan C. Mills bcmills@google.com 2023-05-22T15:18:30Z urn:sha1:5036ba77eb229222cbd5dee436949138ea219adf This may fix the android failures observed starting at CL 496715, such as the one in https://build.golang.org/log/a92cc6d5fa36bc31858631bacf2d8eacd93709a6. For #60217. Change-Id: I4e8eaf9890da269bd1758f59a29fa2a8131d8ae6 Reviewed-on: https://go-review.googlesource.com/c/go/+/496955 TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@google.com> Run-TryBot: Bryan Mills <bcmills@google.com> Auto-Submit: Bryan Mills <bcmills@google.com> (cherry picked from commit 10fbd925d6cd6b63acead9fbbfba8963f70a410e) Reviewed-on: https://go-review.googlesource.com/c/go/+/499297 Reviewed-by: Bryan Mills <bcmills@google.com> Auto-Submit: Dmitri Shuralyov <dmitshur@google.com> Run-TryBot: Dmitri Shuralyov <dmitshur@google.com> 2023-05-30T18:12:39Z Shogo Hida shogo.hida@gmail.com 2023-05-10T14:41:06Z urn:sha1:b249ec56553becadd90fac7ee9f843f45c1d3774 For #57050. Fixes #60458. Change-Id: I46cac667ff78ac171c878f4366f8f01f58f1d27d GitHub-Last-Rev: 697c255ece18cd4772b76d62991474a7da2536d8 GitHub-Pull-Request: golang/go#57814 Reviewed-on: https://go-review.googlesource.com/c/go/+/461683 TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org> Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Bryan Mills <bcmills@google.com> (cherry picked from commit 93d9035c9e8b129578d3a177fd90eb308e44a597) Reviewed-on: https://go-review.googlesource.com/c/go/+/499218 Run-TryBot: Dmitri Shuralyov <dmitshur@google.com> Auto-Submit: Dmitri Shuralyov <dmitshur@google.com> 2023-05-30T16:25:12Z Bryan C. Mills bcmills@google.com 2023-04-26T05:43:20Z urn:sha1:4b95fc1e6cdd4a60e8eb7e460e26254e35396107 When we load a package from a module, we need the go version line from that module's go.mod file to know what language semantics to use for the package. We need to save a checksum for the go.mod file even if the module's requirements are pruned out of the module graph. Previously, we were missing checksums for test dependencies of packages in 'all' and packages passed to 'go get -t'. This change preserves the existing bug for 'go mod tidy', but fixes it for 'go get -t' and flags the missing checksum with a clearer error in other cases. Fixes #60001. Updates #56222. Change-Id: Icd6acce348907621ae0b02dbeac04fb180353dcf (cherry picked from CL 489075 and CL 492741) Reviewed-on: https://go-review.googlesource.com/c/go/+/493015 TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Michael Matloob <matloob@golang.org> Run-TryBot: Bryan Mills <bcmills@google.com> 2023-05-23T00:35:33Z Ian Lance Taylor iant@golang.org 2023-05-19T22:09:58Z urn:sha1:31a1e19a5981f63485ce5c56b0e783d1af278514 Historically net.Conn.File.Fd has returned a descriptor in blocking mode. That was broken by CL 495079, which changed the behavior for os.OpenFile and os.NewFile without intending to affect net.Conn.File.Fd. Use a hidden os entry point to preserve the historical behavior, to ensure backward compatibility. For #58408 For #60211 For #60217 Change-Id: I8d14b9296070ddd52bb8940cb88c6a8b2dc28c27 Reviewed-on: https://go-review.googlesource.com/c/go/+/496080 Run-TryBot: Ian Lance Taylor <iant@google.com> Reviewed-by: Bryan Mills <bcmills@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Ian Lance Taylor <iant@golang.org> Auto-Submit: Ian Lance Taylor <iant@google.com> (cherry picked from commit b950cc8f11dc31cc9f6cfbed883818a7aa3abe94) Reviewed-on: https://go-review.googlesource.com/c/go/+/496715 2023-05-22T21:48:39Z Ian Lance Taylor iant@golang.org 2023-05-19T04:13:03Z urn:sha1:450c8021a5a55dd42fb29fa66fe0546d1be8bc60 Separate the result and the errno value, rather than assuming that the result can never be negative. Change-Id: Ib01a70a3d46285aa77e95371cdde74e1504e7c12 Reviewed-on: https://go-review.googlesource.com/c/go/+/496416 Run-TryBot: Ian Lance Taylor <iant@golang.org> Run-TryBot: Ian Lance Taylor <iant@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Bryan Mills <bcmills@google.com> Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/497116 Run-TryBot: Roland Shoemaker <roland@golang.org> Auto-Submit: Heschi Kreinick <heschi@google.com>