Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[release-branch.go1.15-security] cmd/go: in cgoflags, permit -DX1, pr…
…ohibit -Wp,-D,opt Restrict -D and -U to ASCII C identifiers, but do permit trailing digits. When using -Wp, prohibit commas in -D values. Thanks to Imre Rad (https://www.linkedin.com/in/imre-rad-2358749b) for reporting this. Fixes CVE-2020-28367 Change-Id: Ibfc4dfdd6e6c258e131448e7682610c44eee9492 Reviewed-on: https://go-review.googlesource.com/c/go/+/267277 Trust: Ian Lance Taylor <iant@golang.org> Run-TryBot: Ian Lance Taylor <iant@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Bryan C. Mills <bcmills@google.com> Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/899924 Reviewed-by: Filippo Valsorda <valsorda@google.com>
- Loading branch information