mirror
/
go
mirror of https://github.com/golang/go.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
go/src/cmd/fix
History
Roland Shoemaker 953d1feca9 all: introduce and use internal/execabs 
Introduces a wrapper around os/exec, internal/execabs, for use in
all commands. This wrapper prevents exec.LookPath and exec.Command from
running executables in the current directory.

All imports of os/exec in non-test files in cmd/ are replaced with
imports of internal/execabs.

This issue was reported by RyotaK.

Fixes CVE-2021-3115
Fixes #43783

Change-Id: I0423451a6e27ec1e1d6f3fe929ab1ef69145c08f
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/955304
Reviewed-by: Russ Cox <rsc@google.com>
Reviewed-by: Katie Hockman <katiehockman@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/284783
Run-TryBot: Roland Shoemaker <roland@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
Trust: Roland Shoemaker <roland@golang.org>
 		2021-01-21 19:10:18 +00:00
..
cftype.go
cftype_test.go
context.go
context_test.go
doc.go
egltype.go cmd/cgo,cmd/fix,misc/cgo: map the EGLConfig C type to uintptr in Go 2020-05-31 09:48:08 +00:00
egltype_test.go cmd/cgo,cmd/fix,misc/cgo: map the EGLConfig C type to uintptr in Go 2020-05-31 09:48:08 +00:00
fix.go cmd/fix: remove un-used code 2020-08-26 16:38:34 +00:00
gotypes.go cmd/fix: rename confusing boolean 2020-10-12 18:31:22 +00:00
gotypes_test.go
import_test.go
jnitype.go
jnitype_test.go
main.go all: update to use os.ReadFile, os.WriteFile, os.CreateTemp, os.MkdirTemp 2020-12-09 19:12:23 +00:00
main_test.go
netipv6zone.go
netipv6zone_test.go
printerconfig.go
printerconfig_test.go
typecheck.go all: introduce and use internal/execabs 2021-01-21 19:10:18 +00:00