From: Ian Lance Taylor Date: Thu, 15 Feb 2018 02:04:54 +0000 (-0800) Subject: [release-branch.go1.10] doc: add note about invalid flag errors to 1.10 release notes X-Git-Tag: go1.10~3 X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=c622ec556b0798d5696ec97a5e180c035dea392b;p=gostls13.git [release-branch.go1.10] doc: add note about invalid flag errors to 1.10 release notes Updates #23672 Updates #23749 Change-Id: I85b6493bd1e4095398508b7ef395c35463dfbde1 Reviewed-on: https://go-review.googlesource.com/94158 Reviewed-by: Brad Fitzpatrick Reviewed-by: Andrew Bonventre (cherry picked from commit f2354d0aacdd5ce1952c5441c6a489378ccb7656) Reviewed-on: https://go-review.googlesource.com/94655 --- diff --git a/doc/go1.10.html b/doc/go1.10.html index a6e186fb73..4c0e847c05 100644 --- a/doc/go1.10.html +++ b/doc/go1.10.html @@ -30,6 +30,10 @@ adds caching of successful test results, runs vet automatically during tests, and permits passing string values directly between Go and C using cgo. +A new compiler option whitelist may cause +unexpected invalid +flag errors in code that built successfully with older +releases.

Changes to the language

@@ -261,6 +265,18 @@ and the test2json documentation.

Cgo

+

+Options specified by cgo using #cgo CFLAGS and the like +are now checked against a whitelist of permitted options. +This closes a security hole in which a downloaded package uses +compiler options like +-fplugin +to run arbitrary code on the machine where it is being built. +This can cause a build error such as invalid flag in #cgo CFLAGS. +For more background, and how to handle this error, see +https://golang.org/s/invalidflag. +

+

Cgo now implements a C typedef like “typedef X Y” using a Go type alias, so that Go code may use the types C.X and C.Y interchangeably.