[release-branch.go1.19] cmd/go: enforce flags with non-optional arguments

Enforce that linker flags which expect arguments get them, otherwise it
may be possible to smuggle unexpected flags through as the linker can
consume what looks like a flag as an argument to a preceding flag (i.e.
"-Wl,-O -Wl,-R,-bad-flag" is interpreted as "-O=-R -bad-flag"). Also be
somewhat more restrictive in the general format of some flags.

Thanks to Juho Nurminen of Mattermost for reporting this issue.

Updates #60305
Fixes #60511
Fixes CVE-2023-29404

Change-Id: Icdffef2c0f644da50261cace6f43742783931cff
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1876275
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
(cherry picked from commit 896779503cf754cbdac24b61d4cc953b50fe2dde)
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1902225
Run-TryBot: Roland Shoemaker <bracewell@google.com>
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1904342
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/501217
Auto-Submit: Michael Knyszek <mknyszek@google.com>
Run-TryBot: David Chase <drchase@google.com>
TryBot-Bypass: Michael Knyszek <mknyszek@google.com>
rolandshoemaker authored and gopherbot committed Jun 6, 2023
1 parent 44e0fb1 commit bf3c8ce
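
The effect of this commit's three pattern changes on the flags its test adds, as an added example that is not part of the commit or of cmd/go. It assumes an argument must be matched in full (modelled with `^(?:...)$`); `allowed` and `newlyRejected` are hypothetical helper names.

```go
package main

import (
	"fmt"
	"regexp"
)

// Patterns copied from the diff on this page: the three entries before
// the change, then the three entries that replace them.
var oldPatterns = []string{
	`-Wl,-O([^@,\-][^,]*)?`,
	`-Wl,-e[=,][a-zA-Z0-9]*`,
	`-Wl,-R([^@\-][^,@]*$)`,
}
var newPatterns = []string{
	`-Wl,-O[0-9]+`,
	`-Wl,-e[=,][a-zA-Z0-9]+`,
	`-Wl,-R,?([^@\-,][^,@]*$)`,
}

// allowed reports whether arg is matched in full by any pattern.
// Assumption: whole-argument matching, modelled here with ^(?:...)$.
func allowed(patterns []string, arg string) bool {
	for _, p := range patterns {
		if regexp.MustCompile(`^(?:` + p + `)$`).MatchString(arg) {
			return true
		}
	}
	return false
}

// newlyRejected returns the args the old entries accept and the new ones refuse.
func newlyRejected(args []string) (out []string) {
	for _, a := range args {
		if allowed(oldPatterns, a) && !allowed(newPatterns, a) {
			out = append(out, a)
		}
	}
	return out
}

func main() {
	// The five cases added to badLinkerFlags, then three constructed complete flags.
	args := []string{"-Wl,-O", "-Wl,-e=", "-Wl,-e,", "-Wl,-R,", "-Wl,-R,-flag",
		"-Wl,-O2", "-Wl,-e,main", "-Wl,-R,/opt/lib"}
	for _, a := range args {
		fmt.Printf("%-18s old=%-5v new=%v\n", a, allowed(oldPatterns, a), allowed(newPatterns, a))
	}
	fmt.Println("closed by the change:", newlyRejected(args))
}
```

A flag that takes an argument but arrives without one is accepted by the old entries and refused by the new ones, while the complete forms pass both.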
Showing 2 changed files with 8 additions and 3 deletions.
6 changes: 3 additions & 3 deletions src/cmd/go/internal/work/security.go
Expand Up @@ -180,10 +180,10 @@ var validLinkerFlags = []*lazyregexp.Regexp{
re(`-Wl,-berok`),
re(`-Wl,-Bstatic`),
re(`-Wl,-Bsymbolic-functions`),
re(`-Wl,-O([^@,\-][^,]*)?`),
re(`-Wl,-O[0-9]+`),
re(`-Wl,-d[ny]`),
re(`-Wl,--disable-new-dtags`),
re(`-Wl,-e[=,][a-zA-Z0-9]*`),
re(`-Wl,-e[=,][a-zA-Z0-9]+`),
re(`-Wl,--enable-new-dtags`),
re(`-Wl,--end-group`),
re(`-Wl,--(no-)?export-dynamic`),
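Review bot: the `-Wl,-e[=,][a-zA-Z0-9]+` entry now requires a non-empty symbol, but its character class still excludes `_`, so an entry symbol such as `_start` cannot match; widen the class, or add a comment saying the restriction is deliberate. The `-Wl,-O[0-9]+` entry also narrows the accepted argument to digits only, and a one-line comment tying both entries to the flag-smuggling case in the commit message would keep a later edit from restoring the optional group.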
Expand All @@ -192,7 +192,7 @@ var validLinkerFlags = []*lazyregexp.Regexp{
re(`-Wl,--hash-style=(sysv|gnu|both)`),
re(`-Wl,-headerpad_max_install_names`),
re(`-Wl,--no-undefined`),
re(`-Wl,-R([^@\-][^,@]*$)`),
re(`-Wl,-R,?([^@\-,][^,@]*$)`),
re(`-Wl,--just-symbols[=,]([^,@\-][^,@]+)`),
re(`-Wl,-rpath(-link)?[=,]([^,@\-][^,]+)`),
re(`-Wl,-s`),
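Review bot: in the `-Wl,-R,?([^@\-,][^,@]*$)` entry the `$` sits inside the group while the neighbouring `--just-symbols` and `-rpath` entries carry no anchor at all; either drop it or add a comment on why only `-R` needs it, so the other entries do not read as unanchored by mistake. The same pass could align `-rpath`, whose second class `[^,]+` still admits `@` where `-R` and `--just-symbols` exclude it.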
5 changes: 5 additions & 0 deletions src/cmd/go/internal/work/security_test.go
Expand Up @@ -230,6 +230,11 @@ var badLinkerFlags = [][]string{
{"-Wl,-R,@foo"},
{"-Wl,--just-symbols,@foo"},
{"../x.o"},
{"-Wl,-R,"},
{"-Wl,-O"},
{"-Wl,-e="},
{"-Wl,-e,"},
{"-Wl,-R,-flag"},
}

func TestCheckLinkerFlags(t *testing.T) {
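Review bot: the new `badLinkerFlags` entries test each argument on its own, but the case in the commit message is a pair, `-Wl,-O` followed by `-Wl,-R,-bad-flag`; since each entry is a `[]string`, add that sequence as one entry so the motivating input is pinned by a test. This file gains only rejections (5 additions), so make sure a positive test covers the forms that must keep working, such as `-Wl,-R,foo` and `-Wl,-O2`.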