mirror
/
go
mirror of https://github.com/golang/go.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
go/src/encoding
History
Russ Cox 6695cebeec encoding/xml: reduce depth limit on wasm 
Wasm can't handle the recusion for XML nested to depth 10,000.
Cut it off at 5,000 instead. This fixes TestCVE202228131 on trybots
in certain conditions.

Also disable TestCVE202230633 to fix 'go test -v encoding/xml' on gomotes.

Also rename errExeceededMaxUnmarshalDepth [misspelled and unwieldy]
to errUnmarshalDepth.

For #56498.

Change-Id: I7cc337ccfee251bfd9771497be0e5272737114f9
Reviewed-on: https://go-review.googlesource.com/c/go/+/446639
Auto-Submit: Russ Cox <rsc@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Reviewed-by: Bryan Mills <bcmills@google.com>
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
 		2022-10-31 20:35:56 +00:00
..
ascii85 encoding: use strings.Builder 2022-09-06 15:46:20 +00:00
asn1 all: remove redundant type conversion 2022-10-06 04:37:00 +00:00
base32 all: remove redundant type conversion 2022-10-06 04:37:00 +00:00
base64 encoding: use strings.Builder 2022-09-06 15:46:20 +00:00
binary encoding/binary: ReadUvarint return io.ErrUnexpectedEOF when read at least 1 byte 2022-08-08 17:29:13 +00:00
csv encoding: use strings.Builder 2022-09-06 15:46:20 +00:00
gob encoding/gob: support large slices in slice decode helpers 2022-10-20 23:11:47 +00:00
hex encoding: use strings.Builder 2022-09-06 15:46:20 +00:00
json encoding/json: return comparison directly 2022-09-30 20:10:56 +00:00
pem all: use strings.Builder where appropriate 2022-09-29 22:56:00 +00:00
xml encoding/xml: reduce depth limit on wasm 2022-10-31 20:35:56 +00:00
encoding.go