qbit/go
1
0
Fork 0
mirror of https://github.com/golang/go synced 2024-09-30 00:14:36 -06:00
Code Releases Activity

crypto/x509: make '-gcflags=all=-d=checkptr' flag work

Browse Source 
Replace

buf := [HUGE_CONST]*T)(unsafe.Pointer(p))[:]

with

buf := [HUGE_CONST]*T)(unsafe.Pointer(p))[:n:n]

Pointer p points to n of T elements. New unsafe pointer conversion
logic verifies that both first and last elements point into the
same Go variable. And this change adjusts all code to comply with
this rule.

Verified by running

go test -a -short -gcflags=all=-d=checkptr crypto/x509

The test does not fail even with original version of this code. I
suspect it is because all variables I changed live outside of Go
memory. But I am just guessing, I don't really know how pointer
checker works.

Updates golang/go#34972

Change-Id: Ibc33fdc9e2023d9b14905c9badf2f0b683999ab8
Reviewed-on: https://go-review.googlesource.com/c/go/+/204621
Run-TryBot: Alex Brainman <alex.brainman@gmail.com>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
This commit is contained in:
Alex Brainman 2019-11-03 10:32:37 +11:00
parent 3873e5497d
commit d2c039fb21
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/crypto/x509/root_windows.go
View File

@ -61,15 +61,15 @@ func extractSimpleChain(simpleChain **syscall.CertSimpleChain, count int) (chain
return nil, errors.New("x509: invalid simple chain") return nil, errors.New("x509: invalid simple chain")
} }
simpleChains := (*[1 << 20]*syscall.CertSimpleChain)(unsafe.Pointer(simpleChain))[:] simpleChains := (*[1 << 20]*syscall.CertSimpleChain)(unsafe.Pointer(simpleChain))[:count:count]
lastChain := simpleChains[count-1] lastChain := simpleChains[count-1]
elements := (*[1 << 20]*syscall.CertChainElement)(unsafe.Pointer(lastChain.Elements))[:] elements := (*[1 << 20]*syscall.CertChainElement)(unsafe.Pointer(lastChain.Elements))[:lastChain.NumElements:lastChain.NumElements]
for i := 0; i < int(lastChain.NumElements); i++ { for i := 0; i < int(lastChain.NumElements); i++ {
// Copy the buf, since ParseCertificate does not create its own copy. // Copy the buf, since ParseCertificate does not create its own copy.
cert := elements[i].CertContext cert := elements[i].CertContext
encodedCert := (*[1 << 20]byte)(unsafe.Pointer(cert.EncodedCert))[:] encodedCert := (*[1 << 20]byte)(unsafe.Pointer(cert.EncodedCert))[:cert.Length:cert.Length]
buf := make([]byte, cert.Length) buf := make([]byte, cert.Length)
copy(buf, encodedCert[:]) copy(buf, encodedCert)
parsedCert, err := ParseCertificate(buf) parsedCert, err := ParseCertificate(buf)
if err != nil { if err != nil {
return nil, err return nil, err
@ -259,7 +259,7 @@ func loadSystemRoots() (*CertPool, error) {
break break
} }
// Copy the buf, since ParseCertificate does not create its own copy. // Copy the buf, since ParseCertificate does not create its own copy.
buf := (*[1 << 20]byte)(unsafe.Pointer(cert.EncodedCert))[:] buf := (*[1 << 20]byte)(unsafe.Pointer(cert.EncodedCert))[:cert.Length:cert.Length]
buf2 := make([]byte, cert.Length) buf2 := make([]byte, cert.Length)
copy(buf2, buf) copy(buf2, buf)
if c, err := ParseCertificate(buf2); err == nil { if c, err := ParseCertificate(buf2); err == nil {