1. 02 Apr, 2019 3 commits
  2. 27 Mar, 2019 3 commits
  3. 24 Mar, 2019 1 commit
  4. 15 Mar, 2019 1 commit
  5. 14 Mar, 2019 5 commits
  6. 13 Mar, 2019 9 commits
  7. 08 Mar, 2019 1 commit
  8. 05 Mar, 2019 2 commits
  9. 03 Mar, 2019 1 commit
  10. 01 Mar, 2019 2 commits
  11. 27 Feb, 2019 1 commit
  12. 26 Feb, 2019 3 commits
  13. 25 Feb, 2019 6 commits
  14. 22 Feb, 2019 2 commits
    • Filippo Valsorda's avatar
      [release-branch.go1.12] crypto/rc4: remove false guarantees from Reset docs and deprecate it · da1f5d37
      Filippo Valsorda authored
      Nothing in Go can truly guarantee a key will be gone from memory (see
      #21865), so remove that claim. That makes Reset useless, because
      unlike most Reset methods it doesn't restore the original value state,
      so deprecate it.
      
      Change-Id: I6bb0f7f94c7e6dd4c5ac19761bc8e5df1f9ec618
      Reviewed-on: https://go-review.googlesource.com/c/162297Reviewed-by: default avatarBrad Fitzpatrick <bradfitz@golang.org>
      (cherry picked from commit b35dacaa)
      Reviewed-on: https://go-review.googlesource.com/c/163438
      da1f5d37
    • Cherry Zhang's avatar
      [release-branch.go1.12] cmd/compile: flow interface data to heap if CONVIFACE... · 35e6a10c
      Cherry Zhang authored
      [release-branch.go1.12] cmd/compile: flow interface data to heap if CONVIFACE of a non-direct interface escapes
      
      Consider the following code:
      
      func f(x []*T) interface{} {
      	return x
      }
      
      It returns an interface that holds a heap copy of x (by calling
      convT2I or friend), therefore x escape to heap. The current
      escape analysis only recognizes that x flows to the result. This
      is not sufficient, since if the result does not escape, x's
      content may be stack allocated and this will result a
      heap-to-stack pointer, which is bad.
      
      Fix this by realizing that if a CONVIFACE escapes and we're
      converting from a non-direct interface type, the data needs to
      escape to heap.
      
      Running "toolstash -cmp" on std & cmd, the generated machine code
      are identical for all packages. However, the export data (escape
      tags) differ in the following packages. It looks to me that all
      are similar to the "f" above, where the parameter should escape
      to heap.
      
      io/ioutil/ioutil.go:118
      	old: leaking param: r to result ~r1 level=0
      	new: leaking param: r
      
      image/image.go:943
      	old: leaking param: p to result ~r0 level=1
      	new: leaking param content: p
      
      net/url/url.go:200
      	old: leaking param: s to result ~r2 level=0
      	new: leaking param: s
      
      (as a consequence)
      net/url/url.go:183
      	old: leaking param: s to result ~r1 level=0
      	new: leaking param: s
      
      net/url/url.go:194
      	old: leaking param: s to result ~r1 level=0
      	new: leaking param: s
      
      net/url/url.go:699
      	old: leaking param: u to result ~r0 level=1
      	new: leaking param: u
      
      net/url/url.go:775
      	old: (*URL).String u does not escape
      	new: leaking param content: u
      
      net/url/url.go:1038
      	old: leaking param: u to result ~r0 level=1
      	new: leaking param: u
      
      net/url/url.go:1099
      	old: (*URL).MarshalBinary u does not escape
      	new: leaking param content: u
      
      flag/flag.go:235
      	old: leaking param: s to result ~r0 level=1
      	new: leaking param content: s
      
      go/scanner/errors.go:105
      	old: leaking param: p to result ~r0 level=0
      	new: leaking param: p
      
      database/sql/sql.go:204
      	old: leaking param: ns to result ~r0 level=0
      	new: leaking param: ns
      
      go/constant/value.go:303
      	old: leaking param: re to result ~r2 level=0, leaking param: im to result ~r2 level=0
      	new: leaking param: re, leaking param: im
      
      go/constant/value.go:846
      	old: leaking param: x to result ~r1 level=0
      	new: leaking param: x
      
      encoding/xml/xml.go:518
      	old: leaking param: d to result ~r1 level=2
      	new: leaking param content: d
      
      encoding/xml/xml.go:122
      	old: leaking param: leaking param: t to result ~r1 level=0
      	new: leaking param: t
      
      crypto/x509/verify.go:506
      	old: leaking param: c to result ~r8 level=0
      	new: leaking param: c
      
      crypto/x509/verify.go:563
      	old: leaking param: c to result ~r3 level=0, leaking param content: c
      	new: leaking param: c
      
      crypto/x509/verify.go:615
      	old: (nothing)
      	new: leaking closure reference c
      
      crypto/x509/verify.go:996
      	old: leaking param: c to result ~r1 level=0, leaking param content: c
      	new: leaking param: c
      
      net/http/filetransport.go:30
      	old: leaking param: fs to result ~r1 level=0
      	new: leaking param: fs
      
      net/http/h2_bundle.go:2684
      	old: leaking param: mh to result ~r0 level=2
      	new: leaking param content: mh
      
      net/http/h2_bundle.go:7352
      	old: http2checkConnHeaders req does not escape
      	new: leaking param content: req
      
      net/http/pprof/pprof.go:221
      	old: leaking param: name to result ~r1 level=0
      	new: leaking param: name
      
      cmd/internal/bio/must.go:21
      	old: leaking param: w to result ~r1 level=0
      	new: leaking param: w
      
      Fixes #29353.
      
      Change-Id: I7e7798ae773728028b0dcae5bccb3ada51189c68
      Reviewed-on: https://go-review.googlesource.com/c/162829
      Run-TryBot: Cherry Zhang <cherryyz@google.com>
      TryBot-Result: Gobot Gobot <gobot@golang.org>
      Reviewed-by: default avatarMatthew Dempsky <mdempsky@google.com>
      Reviewed-by: default avatarDavid Chase <drchase@google.com>
      (cherry picked from commit 0349f29a)
      Reviewed-on: https://go-review.googlesource.com/c/163203Reviewed-by: default avatarIan Lance Taylor <iant@golang.org>
      35e6a10c