[Pkg-golang-commits] [golang] 02/03: New upstream version, fixing CVE-2018-6574.

Michael Hudson-Doyle mwhudson-guest at moszumanska.debian.org
Wed Feb 7 21:48:34 UTC 2018 

This is an automated email from the git hooks/post-receive script.

mwhudson-guest pushed a commit to branch golang-1.10
in repository golang.

commit 741a92f2677ba6adb933bb24f6cf57c2b0612ef2
Author: Michael Hudson-Doyle <michael.hudson at canonical.com>
Date:   Thu Feb 8 10:46:11 2018 +1300

    New upstream version, fixing CVE-2018-6574.
---
 debian/changelog                                   | 10 +++
 ...kip-TestTerminalSignal-if-posix_openpt-fa.patch | 81 ------------------
 ...github.com-google-pprof-cherry-pick-fix-t.patch | 35 --------
 ...ternal-loadelf-fix-logic-for-computing-EL.patch | 95 ----------------------
 debian/patches/series                              |  3 -
 5 files changed, 10 insertions(+), 214 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index d024ca8..a96fa35 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+golang-1.10 (1.10~rc2-1) UNRELEASED; urgency=medium
+
+  * New upstream version, fixing CVE-2018-6574.
+  * d/patches/0001-os-signal-skip-TestTerminalSignal-if-posix_openpt-fa.patch,
+    d/patches/0003-cmd-vendor-github.com-google-pprof-cherry-pick-fix-t.patch,
+    d/patches/0004-cmd-link-internal-loadelf-fix-logic-for-computing-EL.patch:
+    removed, now included upstream.
+
+ -- Michael Hudson-Doyle <mwhudson at debian.org>  Thu, 08 Feb 2018 10:41:32 +1300
+
 golang-1.10 (1.10~rc1-2) unstable; urgency=medium
 
   * d/patches/0004-cmd-link-internal-loadelf-fix-logic-for-computing-EL.patch:
diff --git a/debian/patches/0001-os-signal-skip-TestTerminalSignal-if-posix_openpt-fa.patch b/debian/patches/0001-os-signal-skip-TestTerminalSignal-if-posix_openpt-fa.patch
deleted file mode 100644
index 935646c..0000000
--- a/debian/patches/0001-os-signal-skip-TestTerminalSignal-if-posix_openpt-fa.patch
+++ /dev/null
@@ -1,81 +0,0 @@
-From 7a71efa01fb8486b879b3abee8364a7aa4e401fe Mon Sep 17 00:00:00 2001
-From: Michael Hudson-Doyle <michael.hudson at canonical.com>
-Date: Wed, 31 Jan 2018 10:27:49 +1300
-Subject: [PATCH] os/signal: skip TestTerminalSignal if posix_openpt fails with
- EACCES
-
-This happens in a chroot and so causes failures when packaging Go 1.10 for
-Debian/Ubuntu.
-
-Change-Id: I817038c237e584ce185b2168f8c7a10b9ef27b43
----
- src/os/signal/internal/pty/pty.go | 21 ++++++++++++++++++---
- src/os/signal/signal_cgo_test.go  |  4 ++++
- 2 files changed, 22 insertions(+), 3 deletions(-)
-
---- a/src/os/signal/internal/pty/pty.go
-+++ b/src/os/signal/internal/pty/pty.go
-@@ -21,21 +21,36 @@
- import (
- 	"fmt"
- 	"os"
-+	"syscall"
- )
- 
-+type PtyError struct {
-+	FuncName    string
-+	ErrorString string
-+	Errno       syscall.Errno
-+}
-+
-+func ptyError(name string, err error) *PtyError {
-+	return &PtyError{name, err.Error(), err.(syscall.Errno)}
-+}
-+
-+func (e *PtyError) Error() string {
-+	return fmt.Sprintf("%s: %s", e.FuncName, e.ErrorString)
-+}
-+
- // Open returns a master pty and the name of the linked slave tty.
- func Open() (master *os.File, slave string, err error) {
- 	m, err := C.posix_openpt(C.O_RDWR)
- 	if err != nil {
--		return nil, "", fmt.Errorf("posix_openpt: %v", err)
-+		return nil, "", ptyError("posix_openpt", err)
- 	}
- 	if _, err := C.grantpt(m); err != nil {
- 		C.close(m)
--		return nil, "", fmt.Errorf("grantpt: %v", err)
-+		return nil, "", ptyError("grantpt", err)
- 	}
- 	if _, err := C.unlockpt(m); err != nil {
- 		C.close(m)
--		return nil, "", fmt.Errorf("unlockpt: %v", err)
-+		return nil, "", ptyError("unlockpt", err)
- 	}
- 	slave = C.GoString(C.ptsname(m))
- 	return os.NewFile(uintptr(m), "pty-master"), slave, nil
---- a/src/os/signal/signal_cgo_test.go
-+++ b/src/os/signal/signal_cgo_test.go
-@@ -72,6 +72,10 @@
- 
- 	master, sname, err := pty.Open()
- 	if err != nil {
-+		ptyErr := err.(*pty.PtyError)
-+		if ptyErr.FuncName == "posix_openpt" && ptyErr.Errno == syscall.EACCES {
-+			t.Skip("posix_openpt failed with EACCES, assuming chroot and skipping")
-+		}
- 		t.Fatal(err)
- 	}
- 	defer master.Close()
---- a/src/go/build/deps_test.go
-+++ b/src/go/build/deps_test.go
-@@ -301,7 +301,7 @@
- 	"os/user": {"L4", "CGO", "io/ioutil", "os", "syscall"},
- 
- 	// Internal package used only for testing.
--	"os/signal/internal/pty": {"CGO", "fmt", "os"},
-+	"os/signal/internal/pty": {"CGO", "fmt", "os", "syscall"},
- 
- 	// Basic networking.
- 	// Because net must be used by any package that wants to
diff --git a/debian/patches/0003-cmd-vendor-github.com-google-pprof-cherry-pick-fix-t.patch b/debian/patches/0003-cmd-vendor-github.com-google-pprof-cherry-pick-fix-t.patch
deleted file mode 100644
index 0856ea0..0000000
--- a/debian/patches/0003-cmd-vendor-github.com-google-pprof-cherry-pick-fix-t.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From 52644d69a77492707bcc89bfeb775aa336f1dcdb Mon Sep 17 00:00:00 2001
-From: Michael Hudson-Doyle <michael.hudson at canonical.com>
-Date: Wed, 31 Jan 2018 11:11:39 +1300
-Subject: [PATCH] cmd/vendor/github.com/google/pprof: cherry-pick fix to cope
- with $HOME not being writable
-
-Upstream PRs: https://github.com/google/pprof/pull/305,
-https://github.com/google/pprof/pull/306.
-
-Change-Id: I28969118f52ee08fcaf3572ad5da015ae756fd7a
----
- .../github.com/google/pprof/internal/driver/fetch_test.go    | 12 ++++++++++++
- 1 file changed, 12 insertions(+)
-
---- a/src/cmd/vendor/github.com/google/pprof/internal/driver/fetch_test.go
-+++ b/src/cmd/vendor/github.com/google/pprof/internal/driver/fetch_test.go
-@@ -362,6 +362,18 @@
- 	if runtime.GOOS == "nacl" {
- 		t.Skip("test assumes tcp available")
- 	}
-+	saveHome := os.Getenv(homeEnv())
-+	tempdir, err := ioutil.TempDir("", "home")
-+	if err != nil {
-+		t.Fatal("creating temp dir: ", err)
-+	}
-+	defer os.RemoveAll(tempdir)
-+
-+	// pprof writes to $HOME/pprof by default which is not necessarily
-+	// writeable (e.g. on a Debian buildd) so set $HOME to something we
-+	// know we can write to for the duration of the test.
-+	os.Setenv(homeEnv(), tempdir)
-+	defer os.Setenv(homeEnv(), saveHome)
- 
- 	baseVars := pprofVariables
- 	pprofVariables = baseVars.makeCopy()
diff --git a/debian/patches/0004-cmd-link-internal-loadelf-fix-logic-for-computing-EL.patch b/debian/patches/0004-cmd-link-internal-loadelf-fix-logic-for-computing-EL.patch
deleted file mode 100644
index a8f0257..0000000
--- a/debian/patches/0004-cmd-link-internal-loadelf-fix-logic-for-computing-EL.patch
+++ /dev/null
@@ -1,95 +0,0 @@
-From b2d3d6e676450cc1a5d5a611d3711dce2800bc0d Mon Sep 17 00:00:00 2001
-From: Michael Hudson-Doyle <michael.hudson at canonical.com>
-Date: Wed, 7 Feb 2018 15:46:26 +1300
-Subject: [PATCH] cmd/link/internal/loadelf: fix logic for computing ELF flags
- on ARM
-
-The linker contains complicated logic for figuring out which float ABI to
-indicate it is using on (32 bit) ARM systems: it parses a special section in
-host object files to look for a flag indicating use of the hard float ABI. When
-loadelf got split into its own package a bug was introduced: if the last host
-object file does not contain a float ABI related tag, the ELF header's flag was
-set to 0, rather than using the value from the last object file which contained
-an ABI tag. Fix the code to only change the value used for the ELF header if a
-tag was found.
-
-This fixes an extremely confusing build failure on Ubuntu's armhf builders.
-
-Change-Id: I0845d68d082d1383e4cae84ea85164cdc6bcdddb
-Reviewed-on: https://go-review.googlesource.com/92515
-Run-TryBot: Michael Hudson-Doyle <michael.hudson at canonical.com>
-TryBot-Result: Gobot Gobot <gobot at golang.org>
-Reviewed-by: Ian Lance Taylor <iant at golang.org>
----
- src/cmd/link/internal/loadelf/ldelf.go | 27 +++++++++++++++++----------
- 1 file changed, 17 insertions(+), 10 deletions(-)
-
---- a/src/cmd/link/internal/loadelf/ldelf.go
-+++ b/src/cmd/link/internal/loadelf/ldelf.go
-@@ -405,13 +405,10 @@
- // find the one we are looking for. This format is slightly documented in "ELF
- // for the ARM Architecture" but mostly this is derived from reading the source
- // to gold and readelf.
--func parseArmAttributes(e binary.ByteOrder, initEhdrFlags uint32, data []byte) (ehdrFlags uint32, err error) {
--	// We assume the soft-float ABI unless we see a tag indicating otherwise.
--	if initEhdrFlags == 0x5000002 {
--		ehdrFlags = 0x5000202
--	}
-+func parseArmAttributes(e binary.ByteOrder, data []byte) (found bool, ehdrFlags uint32, err error) {
-+	found = false
- 	if data[0] != 'A' {
--		return 0, fmt.Errorf(".ARM.attributes has unexpected format %c\n", data[0])
-+		return false, 0, fmt.Errorf(".ARM.attributes has unexpected format %c\n", data[0])
- 	}
- 	data = data[1:]
- 	for len(data) != 0 {
-@@ -421,7 +418,7 @@
- 
- 		nulIndex := bytes.IndexByte(sectiondata, 0)
- 		if nulIndex < 0 {
--			return 0, fmt.Errorf("corrupt .ARM.attributes (section name not NUL-terminated)\n")
-+			return false, 0, fmt.Errorf("corrupt .ARM.attributes (section name not NUL-terminated)\n")
- 		}
- 		name := string(sectiondata[:nulIndex])
- 		sectiondata = sectiondata[nulIndex+1:]
-@@ -442,15 +439,16 @@
- 			for !attrList.done() {
- 				attr := attrList.armAttr()
- 				if attr.tag == TagABIVFPArgs && attr.ival == 1 {
-+					found = true
- 					ehdrFlags = 0x5000402 // has entry point, Version5 EABI, hard-float ABI
- 				}
- 			}
- 			if attrList.err != nil {
--				return 0, fmt.Errorf("could not parse .ARM.attributes\n")
-+				return false, 0, fmt.Errorf("could not parse .ARM.attributes\n")
- 			}
- 		}
- 	}
--	return ehdrFlags, nil
-+	return found, ehdrFlags, nil
- }
- 
- // Load loads the ELF file pn from f.
-@@ -686,11 +684,20 @@
- 			if err := elfmap(elfobj, sect); err != nil {
- 				return errorf("%s: malformed elf file: %v", pn, err)
- 			}
--			ehdrFlags, err = parseArmAttributes(e, initEhdrFlags, sect.base[:sect.size])
-+			// We assume the soft-float ABI unless we see a tag indicating otherwise.
-+			if initEhdrFlags == 0x5000002 {
-+				ehdrFlags = 0x5000202
-+			} else {
-+				ehdrFlags = initEhdrFlags
-+			}
-+			found, newEhdrFlags, err := parseArmAttributes(e, sect.base[:sect.size])
- 			if err != nil {
- 				// TODO(dfc) should this return an error?
- 				log.Printf("%s: %v", pn, err)
- 			}
-+			if found {
-+				ehdrFlags = newEhdrFlags
-+			}
- 		}
- 		if (sect.type_ != ElfSectProgbits && sect.type_ != ElfSectNobits) || sect.flags&ElfSectFlagAlloc == 0 {
- 			continue
diff --git a/debian/patches/series b/debian/patches/series
index d6ec71b..fe8bcb7 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,4 +1 @@
-0001-os-signal-skip-TestTerminalSignal-if-posix_openpt-fa.patch
 0002-reproducible-BUILD_PATH_PREFIX_MAP.patch
-0003-cmd-vendor-github.com-google-pprof-cherry-pick-fix-t.patch
-0004-cmd-link-internal-loadelf-fix-logic-for-computing-EL.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-golang/golang.git

More information about the pkg-golang-commits mailing list