1
0
mirror of https://github.com/golang/go synced 2024-11-19 00:44:40 -07:00
go/src
Damien Neil e92c0f846c crypto/tls: QUIC: fix panics when processing post-handshake messages
The check for fragmentary post-handshake messages in QUICConn.HandleData
was reversed, resulting in a potential panic when HandleData receives
a partial message.

In addition, HandleData wasn't checking the size of buffered
post-handshake messages. Produce an error when a post-handshake
message is larger than maxHandshake.

TestQUICConnectionState was using an onHandleCryptoData hook
in runTestQUICConnection that was never being called.
(I think it was inadvertently removed at some point while
the CL was in review.) Fix this test while making the hook
more general.

Fixes #62266

Change-Id: I210b70634e50beb456ab3977eb11272b8724c241
Reviewed-on: https://go-review.googlesource.com/c/go/+/522595
Run-TryBot: Damien Neil <dneil@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Marten Seemann <martenseemann@gmail.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
2023-08-25 17:57:53 +00:00
..
archive archive/tar: correct value passed to Uname method 2023-08-10 14:37:50 +00:00
arena
bufio bufio: clarify the maximum token size 2023-08-16 02:07:18 +00:00
builtin
bytes internal/bytealg: add generic LastIndexByte{,String} 2023-08-25 15:08:28 +00:00
cmd cmd/cgo: add #cgo noescape/nocallback annotations 2023-08-25 17:39:23 +00:00
cmp
compress
container
context context: fix synchronization in ExampleAfterFunc_cond 2023-08-21 20:24:28 +00:00
crypto crypto/tls: QUIC: fix panics when processing post-handshake messages 2023-08-25 17:57:53 +00:00
database/sql database/sql: use reflect.TypeFor for known types 2023-08-08 20:57:57 +00:00
debug
embed
encoding encoding/json: modernize tests 2023-08-25 16:00:37 +00:00
errors errors: optimize Is and As by reusing reflection of target 2023-08-18 23:40:44 +00:00
expvar expvar: emit valid JSON strings 2023-08-19 23:26:49 +00:00
flag
fmt fmt: amend comment for getField 2023-08-17 16:33:59 +00:00
go cmd/cgo: add #cgo noescape/nocallback annotations 2023-08-25 17:39:23 +00:00
hash
html
image encoding/xml, image/jpeg, image/png: use the builtin min function 2023-08-07 00:23:29 +00:00
index/suffixarray
internal internal/bytealg: add generic LastIndexByte{,String} 2023-08-25 15:08:28 +00:00
io io: reduce allocations in Pipe constructor 2023-08-17 16:25:48 +00:00
log log/slog: rename receiver name for the Value struct from a to v 2023-08-17 21:35:14 +00:00
maps
math math/big, math/rand: use the built-in max function 2023-08-17 16:42:19 +00:00
mime
net net/http/cgi: workaround for closure inlining issue 2023-08-25 17:57:42 +00:00
os internal/bytealg: add generic LastIndexByte{,String} 2023-08-25 15:08:28 +00:00
path path/filepath: don't drop .. elements when cleaning invalid Windows paths 2023-08-08 21:48:12 +00:00
plugin
reflect
regexp regexp/syntax: use more compact Regexp.String output 2023-08-16 16:02:30 +00:00
runtime cmd/cgo: add #cgo noescape/nocallback annotations 2023-08-25 17:39:23 +00:00
slices slices: simplify Clone a bit 2023-08-20 04:12:09 +00:00
sort sort: use the builtin min function 2023-08-07 18:49:55 +00:00
strconv strconv: add missing function name, avoid unnecessary raw string 2023-08-24 18:08:43 +00:00
strings internal/bytealg: add generic LastIndexByte{,String} 2023-08-25 15:08:28 +00:00
sync sync: document why copyChecker checks the condition twice 2023-08-16 15:36:31 +00:00
syscall syscall: skip TestUnshareMountNameSpaceChroot on platforms that require external linking 2023-08-24 17:32:08 +00:00
testdata
testing internal/sysinfo: print cpu type from cpuinfo when internal cpu name is empty on Linux 2023-08-17 21:40:36 +00:00
text text/template: use "IsValid" instead of "!= zero" to compare zero Value 2023-08-03 15:59:13 +00:00
time time: make time.Until a few nanoseconds faster 2023-08-25 15:10:18 +00:00
unicode
unsafe
vendor all: update vendored dependencies 2023-08-09 21:28:32 +00:00
all.bash
all.bat
all.rc
bootstrap.bash
buildall.bash
clean.bash
clean.bat
clean.rc
cmp.bash
go.mod all: update vendored dependencies 2023-08-09 21:28:32 +00:00
go.sum all: update vendored dependencies 2023-08-09 21:28:32 +00:00
make.bash
make.bat
Make.dist
make.rc
race.bash
race.bat
README.vendor
run.bash
run.bat
run.rc

Vendoring in std and cmd
========================

The Go command maintains copies of external packages needed by the
standard library in the src/vendor and src/cmd/vendor directories.

There are two modules, std and cmd, defined in src/go.mod and
src/cmd/go.mod. When a package outside std or cmd is imported
by a package inside std or cmd, the import path is interpreted
as if it had a "vendor/" prefix. For example, within "crypto/tls",
an import of "golang.org/x/crypto/cryptobyte" resolves to
"vendor/golang.org/x/crypto/cryptobyte". When a package with the
same path is imported from a package outside std or cmd, it will
be resolved normally. Consequently, a binary may be built with two
copies of a package at different versions if the package is
imported normally and vendored by the standard library.

Vendored packages are internally renamed with a "vendor/" prefix
to preserve the invariant that all packages have distinct paths.
This is necessary to avoid compiler and linker conflicts. Adding
a "vendor/" prefix also maintains the invariant that standard
library packages begin with a dotless path element.

The module requirements of std and cmd do not influence version
selection in other modules. They are only considered when running
module commands like 'go get' and 'go mod vendor' from a directory
in GOROOT/src.

Maintaining vendor directories
==============================

Before updating vendor directories, ensure that module mode is enabled.
Make sure that GO111MODULE is not set in the environment, or that it is
set to 'on' or 'auto'.

Requirements may be added, updated, and removed with 'go get'.
The vendor directory may be updated with 'go mod vendor'.
A typical sequence might be:

    cd src
    go get golang.org/x/net@master
    go mod tidy
    go mod vendor

Use caution when passing '-u' to 'go get'. The '-u' flag updates
modules providing all transitively imported packages, not only
the module providing the target package.

Note that 'go mod vendor' only copies packages that are transitively
imported by packages in the current module. If a new package is needed,
it should be imported before running 'go mod vendor'.