[release-branch.go1.19] cmd/go,cmd/cgo: in _cgo_flags use one line per flag

The flags that we recorded in _cgo_flags did not use any quoting, so a flag containing embedded spaces was mishandled. Change the _cgo_flags format to put each flag on a separate line. That is a simple format that does not require any quoting. As far as I can tell only cmd/go uses _cgo_flags, and it is only used for gccgo. If this patch doesn't cause any trouble, then in the next release we can change to only using _cgo_flags for gccgo. Thanks to Juho Nurminen of Mattermost for reporting this issue. Updates #60306 Fixes #60513 Fixes CVE-2023-29405 Change-Id: Id738a737ecae47babb34c4b4fc4d65336cf0c0f3 Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1875094 Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Roland Shoemaker <bracewell@google.com> (cherry picked from commit bcdfcadd5612212089d958bc352a6f6c90742dcc) Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1902227 Run-TryBot: Roland Shoemaker <bracewell@google.com> Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1904341 Reviewed-by: Michael Knyszek <mknyszek@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/501216 Auto-Submit: Michael Knyszek <mknyszek@google.com> Run-TryBot: David Chase <drchase@google.com> TryBot-Bypass: David Chase <drchase@google.com>
2023-05-04 14:06:39 -07:00 · 2023-05-04 14:06:39 -07:00 · 44e0fb13e7
parent a7b1cd452d
commit 44e0fb13e7
3 changed files with 29 additions and 9 deletions
--- a/src/cmd/cgo/out.go
+++ b/src/cmd/cgo/out.go
@ -47,7 +47,9 @@ func (p *Package) writeDefs() {

 	fflg := creat(*objDir + "_cgo_flags")
 	for k, v := range p.CgoFlags {
-		fmt.Fprintf(fflg, "_CGO_%s=%s\n", k, strings.Join(v, " "))
+		for _, arg := range v {
+			fmt.Fprintf(fflg, "_CGO_%s=%s\n", arg)
+		}
 		if k == "LDFLAGS" && !*gccgo {
 			for _, arg := range v {
 				fmt.Fprintf(fgo2, "//go:cgo_ldflag %q\n", arg)
--- a/src/cmd/go/internal/work/gccgo.go
+++ b/src/cmd/go/internal/work/gccgo.go
@ -283,14 +283,12 @@ func (tools gccgoToolchain) link(b *Builder, root *Action, out, importcfg string
 		const ldflagsPrefix = "_CGO_LDFLAGS="
 		for _, line := range strings.Split(string(flags), "\n") {
 			if strings.HasPrefix(line, ldflagsPrefix) {
-				newFlags := strings.Fields(line[len(ldflagsPrefix):])
-				for _, flag := range newFlags {
-					// Every _cgo_flags file has -g and -O2 in _CGO_LDFLAGS
-					// but they don't mean anything to the linker so filter
-					// them out.
-					if flag != "-g" && !strings.HasPrefix(flag, "-O") {
-						cgoldflags = append(cgoldflags, flag)
-					}
+				flag := line[len(ldflagsPrefix):]
+				// Every _cgo_flags file has -g and -O2 in _CGO_LDFLAGS
+				// but they don't mean anything to the linker so filter
+				// them out.
+				if flag != "-g" && !strings.HasPrefix(flag, "-O") {
+					cgoldflags = append(cgoldflags, flag)
 				}
 			}
 		}
--- a/src/cmd/go/testdata/script/gccgo_link_ldflags.txt
+++ b/src/cmd/go/testdata/script/gccgo_link_ldflags.txt
@ -0,0 +1,20 @@
+# Test that #cgo LDFLAGS are properly quoted.
+# The #cgo LDFLAGS below should pass a string with spaces to -L,
+# as though searching a directory with a space in its name.
+# It should not pass --nosuchoption to the external linker.
+
+[!cgo] skip
+
+go build
+
+[!exec:gccgo] skip
+
+go build -compiler gccgo
+
+-- go.mod --
+module m
+-- cgo.go --
+package main
+// #cgo LDFLAGS: -L "./ -Wl,--nosuchoption"
+import "C"
+func main() {}