]> Cypherpunks repositories - gostls13.git/commit
projects / gostls13.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 7a256ad) | patch
Revert "crypto/rand: add randcrash=0 GODEBUG"
authorFilippo Valsorda <filippo@golang.org>
Wed, 23 Oct 2024 18:21:50 +0000 (20:21 +0200)
committerGopher Robot <gobot@golang.org>
Mon, 28 Oct 2024 14:46:33 +0000 (14:46 +0000)
commit0138c1abef3871b72e47d5909ce08c9218f61b16
treefc310e49c0f107c014ecb439d0c19d88bf07a4abtree
parent7a256adbafed8599d7c355422f50d4b95b60bf46commit | diff
Revert "crypto/rand: add randcrash=0 GODEBUG"

A GODEBUG is actually a security risk here: most programs will start to
ignore errors from Read because they can't happen (which is the intended
behavior), but then if a program is run with GODEBUG=randcrash=0 it will
use a partial buffer in case an error occurs, which may be catastrophic.

Note that the proposal was accepted without the GODEBUG, which was only
added later.

This (partially) reverts CL 608435. I kept the tests.

Updates #66821

Change-Id: I3fd20f9cae0d34115133fe935f0cfc7a741a2662
Reviewed-on: https://go-review.googlesource.com/c/go/+/622115
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Carlos Amedee <carlos@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
doc/godebug.md diff | blob | history
src/crypto/rand/rand.go diff | blob | history
src/crypto/rand/rand_test.go diff | blob | history
src/internal/godebugs/table.go diff | blob | history
src/runtime/metrics/doc.go diff | blob | history
Go GOST TLS 1.3