From dcb42485ac63059ee36355441277c831e50d14de Mon Sep 17 00:00:00 2001 From: Neal Patel Date: Thu, 15 Jan 2026 13:14:32 -0500 Subject: [PATCH] cmd/cgo: add test for sanitizing smuggled doc comment code Updates #76697 Change-Id: If24eec2bc2f8bfd903a4cc8f5499e77ea2f255c8 Reviewed-on: https://go-review.googlesource.com/c/go/+/736780 Reviewed-by: Cherry Mui LUCI-TryBot-Result: Go LUCI --- src/cmd/cgo/internal/testout/out_test.go | 66 ++++++++++++++----- .../cgo/internal/testout/testdata/comments.go | 47 +++++++++++++ 2 files changed, 96 insertions(+), 17 deletions(-) create mode 100644 src/cmd/cgo/internal/testout/testdata/comments.go diff --git a/src/cmd/cgo/internal/testout/out_test.go b/src/cmd/cgo/internal/testout/out_test.go index e8ea5092a3..ff506c8cd9 100644 --- a/src/cmd/cgo/internal/testout/out_test.go +++ b/src/cmd/cgo/internal/testout/out_test.go @@ -18,6 +18,32 @@ import ( "testing" ) +// TestDisallowSmuggledCode tests that +// docstrings do not smuggle code into +// files generated by Cgo. +func TestDisallowSmuggledCode(t *testing.T) { + testenv.MustHaveGoRun(t) + testenv.MustHaveCGO(t) + objDir := cgo(t, "comments.go") + + file, err := os.Open(filepath.Join(objDir, "_cgo_export.h")) + if err != nil { + t.Fatal(err) + } + defer file.Close() + + scanner := bufio.NewScanner(file) + for scanner.Scan() { + line := strings.TrimSpace(scanner.Text()) + if strings.Contains(line, `"Hello, I am exploiting CVE-2025-61732!\n"`) { + t.Fatalf(`got %q, want ""`, line) + } + } + if err := scanner.Err(); err != nil { + t.Fatal(err) + } +} + type methodAlign struct { Method string Align int @@ -43,23 +69,7 @@ var wantAligns = map[string]int{ func TestAligned(t *testing.T) { testenv.MustHaveGoRun(t) testenv.MustHaveCGO(t) - - testdata, err := filepath.Abs("testdata") - if err != nil { - t.Fatal(err) - } - - objDir := t.TempDir() - - cmd := testenv.Command(t, testenv.GoToolPath(t), "tool", "cgo", - "-objdir", objDir, - filepath.Join(testdata, "aligned.go")) - cmd.Stderr = new(bytes.Buffer) - - err = cmd.Run() - if err != nil { - t.Fatalf("%#q: %v\n%s", cmd, err, cmd.Stderr) - } + objDir := cgo(t, "aligned.go") haveAligns, err := parseAlign(filepath.Join(objDir, "_cgo_export.c")) if err != nil { @@ -84,6 +94,28 @@ func TestAligned(t *testing.T) { } } +// cgo executes 'go tool cgo' on testFile +// and returns the objdir containing the +// generated files. +func cgo(t *testing.T, testFile string) string { + objDir := t.TempDir() + testdata, err := filepath.Abs("testdata") + if err != nil { + t.Fatal(err) + } + + cmd := testenv.Command(t, testenv.GoToolPath(t), "tool", "cgo", + "-objdir", objDir, + filepath.Join(testdata, testFile)) + + cmd.Stderr = new(bytes.Buffer) + if err = cmd.Run(); err != nil { + t.Fatalf("%#q: %v\n%s", cmd, err, cmd.Stderr) + } + + return objDir +} + func parseAlign(filename string) ([]methodAlign, error) { file, err := os.Open(filename) if err != nil { diff --git a/src/cmd/cgo/internal/testout/testdata/comments.go b/src/cmd/cgo/internal/testout/testdata/comments.go new file mode 100644 index 0000000000..c1fcaeea4a --- /dev/null +++ b/src/cmd/cgo/internal/testout/testdata/comments.go @@ -0,0 +1,47 @@ +// Copyright 2026 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package main + +/* +#include + +#pragma once + +extern void go_func(); + + +void print(const char *str) { + printf("%s", str); + go_func(); +} +*/ +import "C" +import "fmt" + +func main() { + str := C.CString("Hello from C\n") + C.print(str) +} + +// \ +/* + +#ifndef AUTO_PRINT_H +#define AUTO_PRINT_H + +#include + +__attribute__((constructor)) +static void inject(void) { + printf("Hello, I am exploiting CVE-2025-61732!\n"); +} + +#endif + +/* */ +//export go_func +func go_func() { + fmt.Println("Hello from Go") +} -- 2.52.0