aboutsummaryrefslogtreecommitdiff
path: root/src/runtime/stack_test.go
diff options
context:
space:
mode:
authorRoland Shoemaker <bracewell@google.com>2023-04-11 16:27:43 +0100
committerCarlos Amedee <carlos@golang.org>2023-05-02 19:41:48 +0000
commita32232cb18ed07496ec77c1cf2dcefa1cb0ac057 (patch)
tree4c19751580b0e8e91a7c2a0735000b65f9b0b7da /src/runtime/stack_test.go
parent8673ca81e5340b87709db2d9749c92a3bf925df1 (diff)
downloadgo-a32232cb18ed07496ec77c1cf2dcefa1cb0ac057.tar.xz
html/template: handle all JS whitespace characters
Rather than just a small set. Character class as defined by \s [0]. Thanks to Juho Nurminen of Mattermost for reporting this. Fixes #59721 Fixes CVE-2023-24540 [0] https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions/Character_Classes Change-Id: I56d4fa1ef08125b417106ee7dbfb5b0923b901ba Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1821459 Reviewed-by: Julie Qiu <julieqiu@google.com> Run-TryBot: Roland Shoemaker <bracewell@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/491616 Run-TryBot: Carlos Amedee <carlos@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Diffstat (limited to 'src/runtime/stack_test.go')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.3 (git 2.53.0) at 2026-04-15 23:31:36 +0000