qbit/go
1
0
Fork 0
mirror of https://github.com/golang/go synced 2024-09-28 17:24:28 -06:00
Code Releases Activity
The Go programming language
56,996 Commits 58 Branches 402 Tags 522 MiB
Go 89.6%
Assembly 5.2%
HTML 4.8%
C 0.2%
Shell 0.1%
4dae3bbe0e
Go to file
Bryan C. Mills 4dae3bbe0e cmd/go: disallow package directories containing newlines 
Directory or file paths containing newlines may cause tools (such as
cmd/cgo) that emit "//line" or "#line" -directives to write part of
the path into non-comment lines in generated source code. If those
lines contain valid Go code, it may be injected into the resulting
binary.

(Note that Go import paths and file paths within module zip files
already could not contain newlines.)

Thanks to Juho Nurminen of Mattermost for reporting this issue.

Fixes #60167.
Fixes CVE-2023-29402.

Change-Id: I64572e9f454bce7b685d00e2e6a1c96cd33d53df
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1882606
Reviewed-by: Roland Shoemaker <bracewell@google.com>
Run-TryBot: Roland Shoemaker <bracewell@google.com>
Reviewed-by: Russ Cox <rsc@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/501226
Run-TryBot: David Chase <drchase@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
2023-06-06 20:24:31 +00:00
.github doc: normalize proposal-process links 2023-03-29 22:00:27 +00:00
api math/big: rename Int.ToFloat64 to Float64 2023-06-02 14:22:24 +00:00
doc doc/go1.21: document GOEXPERIMENT=loopvar and invite feedback 2023-06-05 19:18:13 +00:00
lib/time lib/time: update to 2023c/2023c 2023-05-03 20:14:11 +00:00
misc misc/wasm: set PATH variable in exec 2023-05-26 17:21:14 +00:00
src cmd/go: disallow package directories containing newlines 2023-06-06 20:24:31 +00:00
test cmd/compile: allow ir.OMIN/ir.OMAX in mayCall 2023-06-05 03:11:36 +00:00
.gitattributes all: treat all files as binary, but check in .bat with CRLF 2020-06-08 15:31:43 +00:00
.gitignore cmd/dist: refactor generated cgo-support logic 2023-04-20 17:26:46 +00:00
codereview.cfg codereview.cfg: add codereview.cfg for master branch 2021-02-19 18:44:53 +00:00
CONTRIBUTING.md doc: normalize proposal-process links 2023-03-29 22:00:27 +00:00
go.env cmd/go: additional doc-inspired tests and bug fixes 2023-06-06 19:18:46 +00:00
LICENSE
PATENTS
README.md README: update from CC-BY-3.0 to CC-BY-4.0 2022-11-02 20:14:56 +00:00
SECURITY.md SECURITY.md: replace golang.org with go.dev 2022-04-26 19:59:47 +00:00

README.md

The Go Programming Language

Go is an open source programming language that makes it easy to build simple, reliable, and efficient software.

Gopher image Gopher image by Renee French, licensed under Creative Commons 4.0 Attributions license.

Our canonical Git repository is located at https://go.googlesource.com/go. There is a mirror of the repository at https://github.com/golang/go.

Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.

Download and Install

Binary Distributions

Official binary distributions are available at https://go.dev/dl/.

After downloading a binary release, visit https://go.dev/doc/install for installation instructions.

Install From Source

If a binary distribution is not available for your combination of operating system and architecture, visit https://go.dev/doc/install/source for source installation instructions.

Contributing

Go is the work of thousands of contributors. We appreciate your help!

To contribute, please read the contribution guidelines at https://go.dev/doc/contribute.

Note that the Go project uses the issue tracker for bug reports and proposals only. See https://go.dev/wiki/Questions for a list of places to ask questions about the Go language.