cmd/go: allow passing -U flag in cgo CFLAGS

author Umang Parmar <umangjparmar@gmail.com>

Sun, 20 Oct 2019 11:34:23 +0000 (11:34 +0000)

committer Ian Lance Taylor <iant@golang.org>

Sun, 20 Oct 2019 21:14:18 +0000 (21:14 +0000)
author Umang Parmar <umangjparmar@gmail.com>
Sun, 20 Oct 2019 11:34:23 +0000 (11:34 +0000)
committer Ian Lance Taylor <iant@golang.org>
Sun, 20 Oct 2019 21:14:18 +0000 (21:14 +0000)
diff --git a/src/cmd/cgo/doc.go b/src/cmd/cgo/doc.go

index f227d7f85026ab4cc4fd87116fc682cb9aa2d9a3..5c9c8674c23bd1737dedc5ea27961e5e13e3d14e 100644 (file)
--- a/src/cmd/cgo/doc.go
+++ b/src/cmd/cgo/doc.go
@@ -55,7 +55,7 @@ For example:
  
  The default pkg-config tool may be changed by setting the PKG_CONFIG environment variable.
  
-For security reasons, only a limited set of flags are allowed, notably -D, -I, and -l.
+For security reasons, only a limited set of flags are allowed, notably -D, -U, -I, and -l.
  To allow additional flags, set CGO_CFLAGS_ALLOW to a regular expression
  matching the new flags. To disallow flags that would otherwise be allowed,
  set CGO_CFLAGS_DISALLOW to a regular expression matching arguments
diff --git a/src/cmd/go/internal/work/security.go b/src/cmd/go/internal/work/security.go

index 3a5deae4513716204405aefcf8f7c1beab49232a..d02630155bf135b9ab23721bb3e12b79238a5960 100644 (file)
--- a/src/cmd/go/internal/work/security.go
+++ b/src/cmd/go/internal/work/security.go
@@ -43,6 +43,7 @@ var re = lazyregexp.New
  
  var validCompilerFlags = []*lazyregexp.Regexp{
         re(`-D([A-Za-z_].*)`),
+       re(`-U([A-Za-z_]*)`),
         re(`-F([^@\-].*)`),
         re(`-I([^@\-].*)`),
         re(`-O`),
@@ -51,6 +52,7 @@ var validCompilerFlags = []*lazyregexp.Regexp{
         re(`-W([^@,]+)`), // -Wall but not -Wa,-foo.
         re(`-Wa,-mbig-obj`),
         re(`-Wp,-D([A-Za-z_].*)`),
+       re(`-Wp, -U([A-Za-z_]*)`),
         re(`-ansi`),
         re(`-f(no-)?asynchronous-unwind-tables`),
         re(`-f(no-)?blocks`),
@@ -127,6 +129,7 @@ var validCompilerFlags = []*lazyregexp.Regexp{
  var validCompilerFlagsWithNextArg = []string{
         "-arch",
         "-D",
+       "-U",
         "-I",
         "-framework",
         "-isysroot",
diff --git a/src/cmd/go/internal/work/security_test.go b/src/cmd/go/internal/work/security_test.go

index 8bf164bf082fb76f80381709204874a0756a5b4a..3a02db1d04ae169fe436256395a3f802067357ce 100644 (file)
--- a/src/cmd/go/internal/work/security_test.go
+++ b/src/cmd/go/internal/work/security_test.go
@@ -12,6 +12,7 @@ import (
  var goodCompilerFlags = [][]string{
         {"-DFOO"},
         {"-Dfoo=bar"},
+       {"-Ufoo"},
         {"-F/Qt"},
         {"-I/"},
         {"-I/etc/passwd"},
@@ -67,6 +68,7 @@ var goodCompilerFlags = [][]string{
  var badCompilerFlags = [][]string{
         {"-D@X"},
         {"-D-X"},
+       {"-Ufoo=bar"},
         {"-F@dir"},
         {"-F-dir"},
         {"-I@dir"},
author	Umang Parmar <umangjparmar@gmail.com>
	Sun, 20 Oct 2019 11:34:23 +0000 (11:34 +0000)
committer	Ian Lance Taylor <iant@golang.org>
	Sun, 20 Oct 2019 21:14:18 +0000 (21:14 +0000)
src/cmd/cgo/doc.go		patch \| blob \| history
src/cmd/go/internal/work/security.go		patch \| blob \| history
src/cmd/go/internal/work/security_test.go		patch \| blob \| history