Google Git
Sign in
android / platform / external / golang-x-sys / c79a742fd1381a2ee32d28c5d97bbc19de34d54a
commitc79a742fd1381a2ee32d28c5d97bbc19de34d54a[log] [tgz]
authorBryan C. Mills <bcmills@google.com>Mon Feb 06 12:16:47 2023 -0500
committerGopher Robot <gobot@golang.org>Wed Feb 08 01:11:03 2023 +0000
tree31404b347a6905a8be0eab0fdb2b9971eb1f4e05
parent90c8f94a055257f9ab343137cbada4e658750fbb [diff]
unix: fix a use-after-free bug in PtraceIO on freebsd

In CL 419915, both pointer fields of the PtraceIoDesc struct were
converted to type uintptr to address golang/go#54113.

However, that change was overzealous: the fix needed to convert fields
that refer to addresses in the child process, but the Addr field of
PtraceIoDesc is not even in the child process! It is instead an
address in the parent (Go) process.

Go's unsafe.Pointer rules prohibit converting a Go pointer to a
uintptr except when immediately converting back to an unsafe.Pointer
or calling a system call. Populating a PtraceIoDesc struct is neither
of those things, so converting the Addr field to uintptr introduced a
use-after-free bug.

This change reverts the change to the Addr field from CL 419915 and
consolidates the implementation of PtraceIO to reduce the the amount
of code that varies with GOARCH.

This change does not address the remaining ptrace uintptr bug
(golang/go#58387), which is also present in the Linux implementation.

Fixes golang/go#58351.
Updates golang/go#54113.
For golang/go#41205.

Change-Id: I14bdb4af42130aa7b4375e3f53fd1a0435f14307
Reviewed-on: https://go-review.googlesource.com/c/sys/+/465676
Auto-Submit: Bryan Mills <bcmills@google.com>
Run-TryBot: Bryan Mills <bcmills@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
12 files changed
tree: 31404b347a6905a8be0eab0fdb2b9971eb1f4e05
  1. cpu/
  2. execabs/
  3. internal/
  4. plan9/
  5. unix/
  6. windows/
  7. .gitattributes
  8. .gitignore
  9. codereview.cfg
  10. CONTRIBUTING.md
  11. go.mod
  12. LICENSE
  13. PATENTS
  14. README.md
README.md

sys

Go Reference

This repository holds supplemental Go packages for low-level interactions with the operating system.

Download/Install

The easiest way to install is to run go get -u golang.org/x/sys. You can also manually git clone the repository to $GOPATH/src/golang.org/x/sys.

Report Issues / Send Patches

This repository uses Gerrit for code changes. To learn how to submit changes to this repository, see https://golang.org/doc/contribute.html.

The main issue tracker for the sys repository is located at https://github.com/golang/go/issues. Prefix your issue with “x/sys:” in the subject line, so it is easy to find.