When using a stack-allocated buffer for the result, don't
expose the uninitialized portion of it by restricting its
capacity to its length.
The other option is to zero the portion between len and cap.
That seems like more work, but might be worth it if the caller
then appends some stuff to the result. But this close to 1.6,
I'm inclined to do the simplest fix possible.
Fixes #14232
Change-Id: I21c50d3cda02fd2df4d60ba5e2cfe2efe272f333
Reviewed-on: https://go-review.googlesource.com/19231
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
func stringtoslicebyte(buf *tmpBuf, s string) []byte {
var b []byte
if buf != nil && len(s) <= len(buf) {
- b = buf[:len(s)]
+ b = buf[:len(s):len(s)]
} else {
b = rawbyteslice(len(s))
}
}
var a []rune
if buf != nil && n <= len(buf) {
- a = buf[:n]
+ a = buf[:n:n]
} else {
a = rawruneslice(n)
}
t.Fatalf("want 0 allocs, got %v", n)
}
}
+
+func TestString2Slice(t *testing.T) {
+ // Make sure we don't return slices that expose
+ // an unzeroed section of stack-allocated temp buf
+ // between len and cap. See issue 14232.
+ s := "foož"
+ b := ([]byte)(s)
+ if cap(b) != 5 {
+ t.Errorf("want cap of 5, got %d", cap(b))
+ }
+ r := ([]rune)(s)
+ if cap(r) != 4 {
+ t.Errorf("want cap of 4, got %d", cap(r))
+ }
+}