Cypherpunks repositories - gostls13.git/commit

]> Cypherpunks repositories - gostls13.git/commit

author	Alexey Borzenkov <snaury@gmail.com>
	Sun, 5 Aug 2012 21:24:32 +0000 (17:24 -0400)
committer	Russ Cox <rsc@golang.org>
	Sun, 5 Aug 2012 21:24:32 +0000 (17:24 -0400)
commit	a108369c830db0b9a9f519fd346b8f593a4d7e14
tree	49455ae21d886b9aaf0ba37f52400375191493b1	tree
parent	8efb70f92e258d458c183232b985c83b477ed3de	commit \| diff

syscall: return EINVAL when string arguments have NUL characters

Since NUL usually terminates strings in underlying syscalls, allowing
it when converting string arguments is a security risk, especially
when dealing with filenames. For example, a program might reason that
filename like "/root/..\x00/" is a subdirectory or "/root/" and allow
access to it, while underlying syscall will treat "\x00" as an end of
that string and the actual filename will be "/root/..", which might
be unexpected. Returning EINVAL when string arguments have NUL in
them makes sure this attack vector is unusable.

R=golang-dev, r, bradfitz, fullung, rsc, minux.ma
CC=golang-dev
https://golang.org/cl/6458050

39 files changed:

src/pkg/crypto/x509/root_windows.go		diff \| blob \| history
src/pkg/exp/winfsnotify/winfsnotify.go		diff \| blob \| history
src/pkg/mime/type_windows.go		diff \| blob \| history
src/pkg/os/error_test.go		diff \| blob \| history
src/pkg/os/file_windows.go		diff \| blob \| history
src/pkg/os/stat_windows.go		diff \| blob \| history
src/pkg/os/user/lookup_windows.go		diff \| blob \| history
src/pkg/path/filepath/symlink_windows.go		diff \| blob \| history
src/pkg/runtime/syscall_windows_test.go		diff \| blob \| history
src/pkg/syscall/dll_windows.go		diff \| blob \| history
src/pkg/syscall/env_windows.go		diff \| blob \| history
src/pkg/syscall/exec_plan9.go		diff \| blob \| history
src/pkg/syscall/exec_unix.go		diff \| blob \| history
src/pkg/syscall/exec_windows.go		diff \| blob \| history
src/pkg/syscall/mksyscall.pl		diff \| blob \| history
src/pkg/syscall/mksyscall_windows.pl		diff \| blob \| history
src/pkg/syscall/security_windows.go		diff \| blob \| history
src/pkg/syscall/syscall.go		diff \| blob \| history
src/pkg/syscall/syscall_darwin.go		diff \| blob \| history
src/pkg/syscall/syscall_freebsd.go		diff \| blob \| history
src/pkg/syscall/syscall_linux.go		diff \| blob \| history
src/pkg/syscall/syscall_linux_386.go		diff \| blob \| history
src/pkg/syscall/syscall_plan9.go		diff \| blob \| history
src/pkg/syscall/syscall_windows.go		diff \| blob \| history
src/pkg/syscall/syscall_windows_test.go		diff \| blob \| history
src/pkg/syscall/zsyscall_darwin_386.go		diff \| blob \| history
src/pkg/syscall/zsyscall_darwin_amd64.go		diff \| blob \| history
src/pkg/syscall/zsyscall_freebsd_386.go		diff \| blob \| history
src/pkg/syscall/zsyscall_freebsd_amd64.go		diff \| blob \| history
src/pkg/syscall/zsyscall_linux_386.go		diff \| blob \| history
src/pkg/syscall/zsyscall_linux_amd64.go		diff \| blob \| history
src/pkg/syscall/zsyscall_linux_arm.go		diff \| blob \| history
src/pkg/syscall/zsyscall_netbsd_386.go		diff \| blob \| history
src/pkg/syscall/zsyscall_netbsd_amd64.go		diff \| blob \| history
src/pkg/syscall/zsyscall_openbsd_386.go		diff \| blob \| history
src/pkg/syscall/zsyscall_openbsd_amd64.go		diff \| blob \| history
src/pkg/syscall/zsyscall_plan9_386.go		diff \| blob \| history
src/pkg/syscall/zsyscall_windows_386.go		diff \| blob \| history
src/pkg/syscall/zsyscall_windows_amd64.go		diff \| blob \| history

Go GOST TLS 1.3

RSS Atom