2008-07-26 15:49:21 -06:00
|
|
|
// Copyright 2009 The Go Authors. All rights reserved.
|
|
|
|
// Use of this source code is governed by a BSD-style
|
|
|
|
// license that can be found in the LICENSE file.
|
|
|
|
|
2011-04-19 17:57:05 -06:00
|
|
|
// Package syscall contains an interface to the low-level operating system
|
2009-03-06 18:20:53 -07:00
|
|
|
// primitives. The details vary depending on the underlying system.
|
|
|
|
// Its primary use is inside other packages that provide a more portable
|
|
|
|
// interface to the system, such as "os", "time" and "net". Use those
|
|
|
|
// packages rather than this one if you can.
|
|
|
|
// For details of the functions and data types in this package consult
|
|
|
|
// the manuals for the appropriate operating system.
|
2011-11-13 20:44:52 -07:00
|
|
|
// These calls return err == nil to indicate success; otherwise
|
|
|
|
// err is an operating system error describing the failure.
|
|
|
|
// On most systems, that error has type syscall.Errno.
|
2008-07-26 15:49:21 -06:00
|
|
|
package syscall
|
|
|
|
|
syscall: return EINVAL when string arguments have NUL characters
Since NUL usually terminates strings in underlying syscalls, allowing
it when converting string arguments is a security risk, especially
when dealing with filenames. For example, a program might reason that
filename like "/root/..\x00/" is a subdirectory or "/root/" and allow
access to it, while underlying syscall will treat "\x00" as an end of
that string and the actual filename will be "/root/..", which might
be unexpected. Returning EINVAL when string arguments have NUL in
them makes sure this attack vector is unusable.
R=golang-dev, r, bradfitz, fullung, rsc, minux.ma
CC=golang-dev
https://golang.org/cl/6458050
2012-08-05 15:24:32 -06:00
|
|
|
// StringByteSlice is deprecated. Use ByteSliceFromString instead.
|
|
|
|
// If s contains a NUL byte this function panics instead of
|
|
|
|
// returning an error.
|
2009-06-01 23:14:57 -06:00
|
|
|
func StringByteSlice(s string) []byte {
|
syscall: return EINVAL when string arguments have NUL characters
Since NUL usually terminates strings in underlying syscalls, allowing
it when converting string arguments is a security risk, especially
when dealing with filenames. For example, a program might reason that
filename like "/root/..\x00/" is a subdirectory or "/root/" and allow
access to it, while underlying syscall will treat "\x00" as an end of
that string and the actual filename will be "/root/..", which might
be unexpected. Returning EINVAL when string arguments have NUL in
them makes sure this attack vector is unusable.
R=golang-dev, r, bradfitz, fullung, rsc, minux.ma
CC=golang-dev
https://golang.org/cl/6458050
2012-08-05 15:24:32 -06:00
|
|
|
a, err := ByteSliceFromString(s)
|
|
|
|
if err != nil {
|
|
|
|
panic("syscall: string with NUL passed to StringByteSlice")
|
|
|
|
}
|
|
|
|
return a
|
|
|
|
}
|
|
|
|
|
|
|
|
// ByteSliceFromString returns a NUL-terminated slice of bytes
|
|
|
|
// containing the text of s. If s contains a NUL byte at any
|
|
|
|
// location, it returns (nil, EINVAL).
|
|
|
|
func ByteSliceFromString(s string) ([]byte, error) {
|
|
|
|
for i := 0; i < len(s); i++ {
|
|
|
|
if s[i] == 0 {
|
|
|
|
return nil, EINVAL
|
|
|
|
}
|
|
|
|
}
|
2009-12-15 16:40:16 -07:00
|
|
|
a := make([]byte, len(s)+1)
|
2010-10-26 22:52:54 -06:00
|
|
|
copy(a, s)
|
syscall: return EINVAL when string arguments have NUL characters
Since NUL usually terminates strings in underlying syscalls, allowing
it when converting string arguments is a security risk, especially
when dealing with filenames. For example, a program might reason that
filename like "/root/..\x00/" is a subdirectory or "/root/" and allow
access to it, while underlying syscall will treat "\x00" as an end of
that string and the actual filename will be "/root/..", which might
be unexpected. Returning EINVAL when string arguments have NUL in
them makes sure this attack vector is unusable.
R=golang-dev, r, bradfitz, fullung, rsc, minux.ma
CC=golang-dev
https://golang.org/cl/6458050
2012-08-05 15:24:32 -06:00
|
|
|
return a, nil
|
2009-06-01 23:14:57 -06:00
|
|
|
}
|
|
|
|
|
syscall: return EINVAL when string arguments have NUL characters
Since NUL usually terminates strings in underlying syscalls, allowing
it when converting string arguments is a security risk, especially
when dealing with filenames. For example, a program might reason that
filename like "/root/..\x00/" is a subdirectory or "/root/" and allow
access to it, while underlying syscall will treat "\x00" as an end of
that string and the actual filename will be "/root/..", which might
be unexpected. Returning EINVAL when string arguments have NUL in
them makes sure this attack vector is unusable.
R=golang-dev, r, bradfitz, fullung, rsc, minux.ma
CC=golang-dev
https://golang.org/cl/6458050
2012-08-05 15:24:32 -06:00
|
|
|
// StringBytePtr is deprecated. Use BytePtrFromString instead.
|
|
|
|
// If s contains a NUL byte this function panics instead of
|
|
|
|
// returning an error.
|
2009-12-15 16:40:16 -07:00
|
|
|
func StringBytePtr(s string) *byte { return &StringByteSlice(s)[0] }
|
2011-02-09 12:28:47 -07:00
|
|
|
|
syscall: return EINVAL when string arguments have NUL characters
Since NUL usually terminates strings in underlying syscalls, allowing
it when converting string arguments is a security risk, especially
when dealing with filenames. For example, a program might reason that
filename like "/root/..\x00/" is a subdirectory or "/root/" and allow
access to it, while underlying syscall will treat "\x00" as an end of
that string and the actual filename will be "/root/..", which might
be unexpected. Returning EINVAL when string arguments have NUL in
them makes sure this attack vector is unusable.
R=golang-dev, r, bradfitz, fullung, rsc, minux.ma
CC=golang-dev
https://golang.org/cl/6458050
2012-08-05 15:24:32 -06:00
|
|
|
// BytePtrFromString returns a pointer to a NUL-terminated array of
|
|
|
|
// bytes containing the text of s. If s contains a NUL byte at any
|
|
|
|
// location, it returns (nil, EINVAL).
|
|
|
|
func BytePtrFromString(s string) (*byte, error) {
|
|
|
|
a, err := ByteSliceFromString(s)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return &a[0], nil
|
|
|
|
}
|
|
|
|
|
2011-02-09 12:28:47 -07:00
|
|
|
// Single-word zero for use when we need a valid pointer to 0 bytes.
|
2011-10-25 13:49:51 -06:00
|
|
|
// See mksyscall.pl.
|
2011-02-09 12:28:47 -07:00
|
|
|
var _zero uintptr
|
2012-01-18 20:05:44 -07:00
|
|
|
|
|
|
|
func (ts *Timespec) Unix() (sec int64, nsec int64) {
|
|
|
|
return int64(ts.Sec), int64(ts.Nsec)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (tv *Timeval) Unix() (sec int64, nsec int64) {
|
|
|
|
return int64(tv.Sec), int64(tv.Usec) * 1000
|
|
|
|
}
|
2012-02-06 16:04:12 -07:00
|
|
|
|
|
|
|
func (ts *Timespec) Nano() int64 {
|
|
|
|
return int64(ts.Sec)*1e9 + int64(ts.Nsec)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (tv *Timeval) Nano() int64 {
|
|
|
|
return int64(tv.Sec)*1e9 + int64(tv.Usec)*1000
|
|
|
|
}
|