Build error and garble unsupport github.com/gogo/protobuf@v1.3.2 #685
Comments
uk0
changed the title
|
We test against |
|
I think those are unrelated; gogo/protobuf is a very old, and I believe unmaintained, fork of protobuf. I seem to recall it makes pretty heavy use of unsafe or reflect, so it's not surprising that it doesn't work out of the box. At the same time, it has been deprecated for a while now, so I'm not sure we should prioritize it. |
|
Oh I assumed we're talking about normal protobuf |
|
gogo/protobuf is old and unmaintained, I think big libraries still use it for ease of use. Namely libp2p. |
|
Is there any way to ignore gabling this library? I've tried to add |
|
You can use |
|
This is not completed; we do support the official google.golang.org/protobuf, but the gogo/protobuf does not work with garble right now. Reopening to track the fix, since otherwise we keep getting duplicate reports like #723. |
|
Thank you for reopening |
Up until now, the new SSA reflection detection relied on call sites
to propagate which objects (named types, struct fields) used reflection.
For example, given the code:
json.Marshal(new(T))
we would first record that json.Marshal calls reflect.TypeOf,
and then that the user's code called json.Marshal with the type *T.
However, this would not catch a slight variation on the above:
var t T
reflect.TypeOf(t)
t.foo = struct{bar int}{}
Here, type T's fields such as "foo" and "bar" are not obfuscated,
since our logic sees the call site and marks the type T recursively.
However, the unnamed `struct{bar int}` type was still obfuscated,
causing errors such as:
cannot use struct{uKGvcJvD24 int}{} (value of type struct{uKGvcJvD24 int}) as struct{bar int} value in assignment
The solution is to teach the analysis about *ssa.Store instructions
in a similar way to how it already knows about *ssa.Call instructions.
If we see a store where the destination type is marked for reflection,
then we mark the source type as well, fixing the bug above.
This fixes obfuscating github.com/gogo/protobuf/proto.
A number of other Go modules fail with similar errors,
and they look like very similar bugs,
but this particular fix doesn't apply to them.
Future incremental fixes will try to deal with those extra cases.
Fixes burrowers#685.
Up until now, the new SSA reflection detection relied on call sites
to propagate which objects (named types, struct fields) used reflection.
For example, given the code:
json.Marshal(new(T))
we would first record that json.Marshal calls reflect.TypeOf,
and then that the user's code called json.Marshal with the type *T.
However, this would not catch a slight variation on the above:
var t T
reflect.TypeOf(t)
t.foo = struct{bar int}{}
Here, type T's fields such as "foo" and "bar" are not obfuscated,
since our logic sees the call site and marks the type T recursively.
However, the unnamed `struct{bar int}` type was still obfuscated,
causing errors such as:
cannot use struct{uKGvcJvD24 int}{} (value of type struct{uKGvcJvD24 int}) as struct{bar int} value in assignment
The solution is to teach the analysis about *ssa.Store instructions
in a similar way to how it already knows about *ssa.Call instructions.
If we see a store where the destination type is marked for reflection,
then we mark the source type as well, fixing the bug above.
This fixes obfuscating github.com/gogo/protobuf/proto.
A number of other Go modules fail with similar errors,
and they look like very similar bugs,
but this particular fix doesn't apply to them.
Future incremental fixes will try to deal with those extra cases.
Fixes #685.
|
Even though it's old and deprecated, "github.com/gogo/protobuf" is a dependency of the latest version of the official Docker package as of 08/2023: github.com/docker/docker v24.0.5+incompatible. |
|
This is fixed in master, for what it's worth. |
and others
What version of Garble and Go are you using?
$ garble version (0.9.3) mvdan.cc/garble v0.0.0-20230216084601-d0c8c8d844df Build settings: -buildmode exe -compiler gc CGO_ENABLED 1 GOARCH arm64 GOOS darwin vcs git vcs.revision d0c8c8d844dfd0d866aaa7706c3f77227688828a vcs.time 2023-02-16T08:46:01Z vcs.modified false $ go version go version go1.20.1 darwin/arm64What environment are you running Garble on?
go envOutputWhat did you do?
link ERROR GIST
The text was updated successfully, but these errors were encountered: