diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/cmd/go.mod | 2 | ||||
| -rw-r--r-- | src/cmd/go.sum | 4 | ||||
| -rw-r--r-- | src/cmd/vendor/modules.txt | 4 | ||||
| -rw-r--r-- | src/go.mod | 6 | ||||
| -rw-r--r-- | src/go.sum | 12 | ||||
| -rw-r--r-- | src/vendor/golang.org/x/net/dns/dnsmessage/message.go | 9 | ||||
| -rw-r--r-- | src/vendor/golang.org/x/net/http/httpproxy/proxy.go | 8 | ||||
| -rw-r--r-- | src/vendor/golang.org/x/net/http2/hpack/tables.go | 13 | ||||
| -rw-r--r-- | src/vendor/modules.txt | 12 |
9 files changed, 39 insertions, 31 deletions
diff --git a/src/cmd/go.mod b/src/cmd/go.mod index 1969e3630d..9a2085fab3 100644 --- a/src/cmd/go.mod +++ b/src/cmd/go.mod @@ -16,6 +16,6 @@ require ( require ( github.com/ianlancetaylor/demangle v0.0.0-20250417193237-f615e6bd150b // indirect - golang.org/x/text v0.33.1-0.20260122225119-3264de9174be // indirect + golang.org/x/text v0.35.0 // indirect rsc.io/markdown v0.0.0-20240306144322-0bf8f97ee8ef // indirect ) diff --git a/src/cmd/go.sum b/src/cmd/go.sum index c5aac23666..1affc0bbc1 100644 --- a/src/cmd/go.sum +++ b/src/cmd/go.sum @@ -20,8 +20,8 @@ golang.org/x/telemetry v0.0.0-20260311193753-579e4da9a98c h1:6a8FdnNk6bTXBjR4AGK golang.org/x/telemetry v0.0.0-20260311193753-579e4da9a98c/go.mod h1:TpUTTEp9frx7rTdLpC9gFG9kdI7zVLFTFFlqaH2Cncw= golang.org/x/term v0.39.0 h1:RclSuaJf32jOqZz74CkPA9qFuVTX7vhLlpfj/IGWlqY= golang.org/x/term v0.39.0/go.mod h1:yxzUCTP/U+FzoxfdKmLaA0RV1WgE0VY7hXBwKtY/4ww= -golang.org/x/text v0.33.1-0.20260122225119-3264de9174be h1:EwuAS7HtEmZVDSL0zq464yhyVIjdDETleE+K94kfwxg= -golang.org/x/text v0.33.1-0.20260122225119-3264de9174be/go.mod h1:LuMebE6+rBincTi9+xWTY8TztLzKHc/9C1uBCG27+q8= +golang.org/x/text v0.35.0 h1:JOVx6vVDFokkpaq1AEptVzLTpDe9KGpj5tR4/X+ybL8= +golang.org/x/text v0.35.0/go.mod h1:khi/HExzZJ2pGnjenulevKNX1W67CUy0AsXcNubPGCA= golang.org/x/tools v0.43.1-0.20260407202037-f6476fbaabd3 h1:kKxxg32Xl95dav6werhfwQpDWpSGWR4G43Dj1bkDqlQ= golang.org/x/tools v0.43.1-0.20260407202037-f6476fbaabd3/go.mod h1:uHkMso649BX2cZK6+RpuIPXS3ho2hZo4FVwfoy1vIk0= rsc.io/markdown v0.0.0-20240306144322-0bf8f97ee8ef h1:mqLYrXCXYEZOop9/Dbo6RPX11539nwiCNBb1icVPmw8= diff --git a/src/cmd/vendor/modules.txt b/src/cmd/vendor/modules.txt index 0bcfce274e..dfde90a9fa 100644 --- a/src/cmd/vendor/modules.txt +++ b/src/cmd/vendor/modules.txt @@ -63,8 +63,8 @@ golang.org/x/telemetry/internal/upload # golang.org/x/term v0.39.0 ## explicit; go 1.24.0 golang.org/x/term -# golang.org/x/text v0.33.1-0.20260122225119-3264de9174be -## explicit; go 1.24.0 +# golang.org/x/text v0.35.0 +## explicit; go 1.25.0 golang.org/x/text/cases golang.org/x/text/internal golang.org/x/text/internal/language diff --git a/src/go.mod b/src/go.mod index 2ac54d7b35..a8ebee0bd2 100644 --- a/src/go.mod +++ b/src/go.mod @@ -3,11 +3,11 @@ module std go 1.27 require ( - golang.org/x/crypto v0.47.1-0.20260113154411-7d0074ccc6f1 - golang.org/x/net v0.49.1-0.20260122225915-f2078620ee33 + golang.org/x/crypto v0.49.0 + golang.org/x/net v0.52.1-0.20260406204716-056ac742146a ) require ( golang.org/x/sys v0.42.1-0.20260320201212-a76ec62d6c53 // indirect - golang.org/x/text v0.33.1-0.20260122225119-3264de9174be // indirect + golang.org/x/text v0.35.0 // indirect ) diff --git a/src/go.sum b/src/go.sum index ba6fd05766..e5f656652a 100644 --- a/src/go.sum +++ b/src/go.sum @@ -1,8 +1,8 @@ -golang.org/x/crypto v0.47.1-0.20260113154411-7d0074ccc6f1 h1:peTBrYsTa5Rr+jB2pbgd7X08cFAun6ME4So3jfEkYL4= -golang.org/x/crypto v0.47.1-0.20260113154411-7d0074ccc6f1/go.mod h1:ff3Y9VzzKbwSSEzWqJsJVBnWmRwRSHt/6Op5n9bQc4A= -golang.org/x/net v0.49.1-0.20260122225915-f2078620ee33 h1:pNHjOZ0w6qb8R9EDmEsBXmV4o2YKLvtRiEk4q5gN5Hg= -golang.org/x/net v0.49.1-0.20260122225915-f2078620ee33/go.mod h1:/ysNB2EvaqvesRkuLAyjI1ycPZlQHM3q01F02UY/MV8= +golang.org/x/crypto v0.49.0 h1:+Ng2ULVvLHnJ/ZFEq4KdcDd/cfjrrjjNSXNzxg0Y4U4= +golang.org/x/crypto v0.49.0/go.mod h1:ErX4dUh2UM+CFYiXZRTcMpEcN8b/1gxEuv3nODoYtCA= +golang.org/x/net v0.52.1-0.20260406204716-056ac742146a h1:3li6mFiqneqvrkq+zbxvMG+VdvDQa27vKCR4kx3vmp0= +golang.org/x/net v0.52.1-0.20260406204716-056ac742146a/go.mod h1:R1MAz7uMZxVMualyPXb+VaqGSa3LIaUqk0eEt3w36Sw= golang.org/x/sys v0.42.1-0.20260320201212-a76ec62d6c53 h1:0T1C9w/fKTlj64Z8y0UtRoCAD7UZ+l5ZCSHcs3GYSCI= golang.org/x/sys v0.42.1-0.20260320201212-a76ec62d6c53/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= -golang.org/x/text v0.33.1-0.20260122225119-3264de9174be h1:EwuAS7HtEmZVDSL0zq464yhyVIjdDETleE+K94kfwxg= -golang.org/x/text v0.33.1-0.20260122225119-3264de9174be/go.mod h1:LuMebE6+rBincTi9+xWTY8TztLzKHc/9C1uBCG27+q8= +golang.org/x/text v0.35.0 h1:JOVx6vVDFokkpaq1AEptVzLTpDe9KGpj5tR4/X+ybL8= +golang.org/x/text v0.35.0/go.mod h1:khi/HExzZJ2pGnjenulevKNX1W67CUy0AsXcNubPGCA= diff --git a/src/vendor/golang.org/x/net/dns/dnsmessage/message.go b/src/vendor/golang.org/x/net/dns/dnsmessage/message.go index 7a978b47f6..cbe94a38f5 100644 --- a/src/vendor/golang.org/x/net/dns/dnsmessage/message.go +++ b/src/vendor/golang.org/x/net/dns/dnsmessage/message.go @@ -2085,7 +2085,11 @@ Loop: return off, errInvalidName } } - + // Reject names that are too long while unpacking + // See issue golang/go#77540 + if len(name)+(endOff-currOff) >= nonEncodedNameMax { + return off, errNameTooLong + } name = append(name, msg[currOff:endOff]...) name = append(name, '.') currOff = endOff @@ -2111,9 +2115,6 @@ Loop: if len(name) == 0 { name = append(name, '.') } - if len(name) > nonEncodedNameMax { - return off, errNameTooLong - } n.Length = uint8(len(name)) if ptr == 0 { newOff = currOff diff --git a/src/vendor/golang.org/x/net/http/httpproxy/proxy.go b/src/vendor/golang.org/x/net/http/httpproxy/proxy.go index d89c257ae7..5ab499b0bc 100644 --- a/src/vendor/golang.org/x/net/http/httpproxy/proxy.go +++ b/src/vendor/golang.org/x/net/http/httpproxy/proxy.go @@ -3,8 +3,8 @@ // license that can be found in the LICENSE file. // Package httpproxy provides support for HTTP proxy determination -// based on environment variables, as provided by net/http's -// ProxyFromEnvironment function. +// based on environment variables, as provided by +// [net/http.ProxyFromEnvironment] function. // // The API is not subject to the Go 1 compatibility promise and may change at // any time. @@ -56,7 +56,7 @@ type Config struct { // presence of a REQUEST_METHOD environment variable). // When this is set, ProxyForURL will return an error // when HTTPProxy applies, because a client could be - // setting HTTP_PROXY maliciously. See https://golang.org/s/cgihttpproxy. + // setting HTTP_PROXY maliciously. See https://go.dev/s/cgihttpproxy. CGI bool } @@ -113,7 +113,7 @@ func getEnvAny(names ...string) string { // environment, or a proxy should not be used for the given request, as // defined by NO_PROXY. // -// As a special case, if req.URL.Host is "localhost" or a loopback address +// As a special case, if reqURL.Host is "localhost" or a loopback address // (with or without a port number), then a nil URL and nil error will be returned. func (cfg *Config) ProxyFunc() func(reqURL *url.URL) (*url.URL, error) { // Preprocess the Config settings for more efficient evaluation. diff --git a/src/vendor/golang.org/x/net/http2/hpack/tables.go b/src/vendor/golang.org/x/net/http2/hpack/tables.go index 8cbdf3f019..803fe5178c 100644 --- a/src/vendor/golang.org/x/net/http2/hpack/tables.go +++ b/src/vendor/golang.org/x/net/http2/hpack/tables.go @@ -6,6 +6,7 @@ package hpack import ( "fmt" + "strings" ) // headerFieldTable implements a list of HeaderFields. @@ -54,10 +55,16 @@ func (t *headerFieldTable) len() int { // addEntry adds a new entry. func (t *headerFieldTable) addEntry(f HeaderField) { + // Prevent f from escaping to the heap. + f2 := HeaderField{ + Name: strings.Clone(f.Name), + Value: strings.Clone(f.Value), + Sensitive: f.Sensitive, + } id := uint64(t.len()) + t.evictCount + 1 - t.byName[f.Name] = id - t.byNameValue[pairNameValue{f.Name, f.Value}] = id - t.ents = append(t.ents, f) + t.byName[f2.Name] = id + t.byNameValue[pairNameValue{f2.Name, f2.Value}] = id + t.ents = append(t.ents, f2) } // evictOldest evicts the n oldest entries in the table. diff --git a/src/vendor/modules.txt b/src/vendor/modules.txt index e8c6f1efb0..35468f6f1d 100644 --- a/src/vendor/modules.txt +++ b/src/vendor/modules.txt @@ -1,13 +1,13 @@ -# golang.org/x/crypto v0.47.1-0.20260113154411-7d0074ccc6f1 -## explicit; go 1.24.0 +# golang.org/x/crypto v0.49.0 +## explicit; go 1.25.0 golang.org/x/crypto/chacha20 golang.org/x/crypto/chacha20poly1305 golang.org/x/crypto/cryptobyte golang.org/x/crypto/cryptobyte/asn1 golang.org/x/crypto/internal/alias golang.org/x/crypto/internal/poly1305 -# golang.org/x/net v0.49.1-0.20260122225915-f2078620ee33 -## explicit; go 1.24.0 +# golang.org/x/net v0.52.1-0.20260406204716-056ac742146a +## explicit; go 1.25.0 golang.org/x/net/dns/dnsmessage golang.org/x/net/http/httpguts golang.org/x/net/http/httpproxy @@ -18,8 +18,8 @@ golang.org/x/net/nettest # golang.org/x/sys v0.42.1-0.20260320201212-a76ec62d6c53 ## explicit; go 1.25.0 golang.org/x/sys/cpu -# golang.org/x/text v0.33.1-0.20260122225119-3264de9174be -## explicit; go 1.24.0 +# golang.org/x/text v0.35.0 +## explicit; go 1.25.0 golang.org/x/text/secure/bidirule golang.org/x/text/transform golang.org/x/text/unicode/bidi |