gostls13.git log

commit 170a72e58bd128b421f4b3974fe2a37fd035efdf [browse]
Author: Than McIntosh
Date: 2021-09-09 10:05:55 -04:00

[release-branch.go1.16] go1.16.8

Change-Id: I1926e1506e56fd0484bec71f7b43cee62e41b5b5
Reviewed-on: https://go-review.googlesource.com/c/go/+/348812
Run-TryBot: Than McIntosh <thanm@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Trust: Than McIntosh <thanm@google.com>

commit 021fc241c968d328559db8342549c52b9f91c967 [browse]
Author: Ian Lance Taylor
Date: 2021-05-03 16:32:52 -07:00

[release-branch.go1.16] text/template: add lock for Template.tmpl to fix data race

This adds a new lock protecting "tmpl".

This is a copy of https://golang.org/cl/257817 by Andreas Fleig,
updated for current tip, and updated to start running the
html/template TestEscapeRace test.

Thanks to @bep for providing the test case.

For #39807
Fixes #47042

Change-Id: Ic8874484290283a49116812eeaffb8608346dc70
Reviewed-on: https://go-review.googlesource.com/c/go/+/316669
Trust: Ian Lance Taylor <iant@golang.org>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
(cherry picked from commit 496d7c691481966fd6ea806205aa025698a172af)
Reviewed-on: https://go-review.googlesource.com/c/go/+/348580
Reviewed-by: Emmanuel Odeke <emmanuel@orijtech.com>

commit 8226cb06aa44449a1b2f65dcfe87c4e9e2c45dbf [browse]
Author: Damien Neil
Date: 2021-09-01 12:59:25 -07:00

[release-branch.go1.16] all: update golang.org/x/net to pull in CL 346890

For #47691.

Change-Id: I6650fdfc78786fc47a54167bf2f9061422bbb343
Reviewed-on: https://go-review.googlesource.com/c/go/+/347031
Trust: Damien Neil <dneil@google.com>
Run-TryBot: Damien Neil <dneil@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>

commit 6c480017ae600b2c90a264a922e041df04dfa785 [browse]
Author: Roland Shoemaker
Date: 2021-08-18 11:49:29 -07:00

[release-branch.go1.16] archive/zip: prevent preallocation check from overflowing

If the indicated directory size in the archive header is so large that
subtracting it from the archive size overflows a uint64, the check that
the indicated number of files in the archive can be effectively
bypassed. Prevent this from happening by checking that the indicated
directory size is less than the size of the archive.

Thanks to the OSS-Fuzz project for discovering this issue and to
Emmanuel Odeke for reporting it.

Fixes #47985
Updates #47801
Fixes CVE-2021-39293

Change-Id: Ifade26b98a40f3b37398ca86bd5252d12394dd24
Reviewed-on: https://go-review.googlesource.com/c/go/+/343434
Trust: Roland Shoemaker <roland@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
(cherry picked from commit bacbc33439b124ffd7392c91a5f5d96eca8c0c0b)
Reviewed-on: https://go-review.googlesource.com/c/go/+/345409
Reviewed-by: Emmanuel Odeke <emmanuel@orijtech.com>
Run-TryBot: Emmanuel Odeke <emmanuel@orijtech.com>
Trust: Cherry Mui <cherryyz@google.com>

commit 0d530843be0021aa56771c2f922e952beb190d97 [browse]
Author: Michael Pratt
Date: 2021-08-12 17:17:51 -04:00

[release-branch.go1.16] runtime: drop SIGPROF while in ARM < 7 kernel helpers

On Linux ARMv6 and below runtime/internal/atomic.Cas calls into a kernel
cas helper at a fixed address. If a SIGPROF arrives while executing the
kernel helper, the sigprof lostAtomic logic will miss that we are
potentially in the spinlock critical section, which could cause
a deadlock when using atomics later in sigprof.

For #47505
Fixes #47675

Change-Id: If8ba0d0fc47e45d4e6c68eca98fac4c6ed4e43c1
Reviewed-on: https://go-review.googlesource.com/c/go/+/341889
Trust: Michael Pratt <mpratt@google.com>
Run-TryBot: Michael Pratt <mpratt@google.com>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
(cherry picked from commit 20a620fd9f7bc35739c1af3602d53808d0430814)
Reviewed-on: https://go-review.googlesource.com/c/go/+/341853

clone the repository to get more history