diff options
| author | Roland Shoemaker <roland@golang.org> | 2022-09-28 14:52:33 -0700 |
|---|---|---|
| committer | Gopher Robot <gobot@golang.org> | 2022-10-13 18:21:54 +0000 |
| commit | 1ef685fb7ba413c6f5943cc1aa61de911a7ef29a (patch) | |
| tree | 164a4d6b0308bd7d5e5cd0578d410fcf0d886a38 /src/debug/plan9obj | |
| parent | f2acc607f8a6f2837ed302cedd70676d8ea1f463 (diff) | |
| download | go-1ef685fb7ba413c6f5943cc1aa61de911a7ef29a.tar.xz | |
debug: add top level security docs for dwarf, elf, macho, pe, and plan9obj
Adds a package level doc comment to the debug/dwarf, debug/elf,
debug/macho, debug/pe, and debug/plan9obj noting that these packages
are not designed to be hardened against adversarial inputs.
Change-Id: I678d01bcdc8ad01c23805f09cc59e64cec6c3f76
Reviewed-on: https://go-review.googlesource.com/c/go/+/435417
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-by: Julie Qiu <julieqiu@google.com>
Run-TryBot: Roland Shoemaker <roland@golang.org>
Auto-Submit: Roland Shoemaker <roland@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Diffstat (limited to 'src/debug/plan9obj')
| -rw-r--r-- | src/debug/plan9obj/file.go | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/src/debug/plan9obj/file.go b/src/debug/plan9obj/file.go index 2b83f9bdff..81ece2c3e0 100644 --- a/src/debug/plan9obj/file.go +++ b/src/debug/plan9obj/file.go @@ -2,7 +2,17 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// Package plan9obj implements access to Plan 9 a.out object files. +/* +Package plan9obj implements access to Plan 9 a.out object files. + +# Security + +This package is not designed to be hardened against adversarial inputs, and is +outside the scope of https://go.dev/security/policy. In particular, only basic +validation is done when parsing object files. As such, care should be taken when +parsing untrusted inputs, as parsing malformed files may consume significant +resources, or cause panics. +*/ package plan9obj import ( |