diff --git a/0009-release-branch.go1.13-net-http-don-t-cache-http2.err.patch b/0009-release-branch.go1.13-net-http-don-t-cache-http2.err.patch deleted file mode 100644 index fc12ac4bf10f2706120885af09ac1103eda56929..0000000000000000000000000000000000000000 --- a/0009-release-branch.go1.13-net-http-don-t-cache-http2.err.patch +++ /dev/null @@ -1,130 +0,0 @@ -From b2df6bf225859f82b3f69d471e1c99b72c208ec3 Mon Sep 17 00:00:00 2001 -From: Brad Fitzpatrick -Date: Fri, 18 Oct 2019 20:45:33 +0000 -Subject: [PATCH] [release-branch.go1.13] net/http: don't cache - http2.erringRoundTripper connections - -Fixes #35087 -Updates #34978 - -Change-Id: I3baf1392ba7366ae6628889c47c343ef702ec438 -Reviewed-on: https://go-review.googlesource.com/c/go/+/202078 -Reviewed-by: Bryan C. Mills -Run-TryBot: Brad Fitzpatrick -TryBot-Result: Gobot Gobot -(cherry picked from commit 88186e5e232625f9c91d639e0cb90a88c6cf1172) -Reviewed-on: https://go-review.googlesource.com/c/go/+/202642 -Reviewed-by: Emmanuel Odeke ---- - src/net/http/transport.go | 9 +++- - src/net/http/transport_test.go | 75 ++++++++++++++++++++++++++++++++++ - 2 files changed, 82 insertions(+), 2 deletions(-) - -diff --git a/src/net/http/transport.go b/src/net/http/transport.go -index caa4bdc36f..b46c4e7066 100644 ---- a/src/net/http/transport.go -+++ b/src/net/http/transport.go -@@ -537,10 +537,15 @@ func (t *Transport) roundTrip(req *Request) (*Response, error) { - if err == nil { - return resp, nil - } -- if http2isNoCachedConnError(err) { -+ -+ // Failed. Clean up and determine whether to retry. -+ -+ _, isH2DialError := pconn.alt.(http2erringRoundTripper) -+ if http2isNoCachedConnError(err) || isH2DialError { - t.removeIdleConn(pconn) - t.decConnsPerHost(pconn.cacheKey) -- } else if !pconn.shouldRetryRequest(req, err) { -+ } -+ if !pconn.shouldRetryRequest(req, err) { - // Issue 16465: return underlying net.Conn.Read error from peek, - // as we've historically done. - if e, ok := err.(transportReadFromServerError); ok { -diff --git a/src/net/http/transport_test.go b/src/net/http/transport_test.go -index e43c8956ee..f8c13a7091 100644 ---- a/src/net/http/transport_test.go -+++ b/src/net/http/transport_test.go -@@ -5719,3 +5719,78 @@ func TestInvalidHeaderResponse(t *testing.T) { - t.Errorf(`bad "Foo " header value: %q, want %q`, v, "bar") - } - } -+ -+// breakableConn is a net.Conn wrapper with a Write method -+// that will fail when its brokenState is true. -+type breakableConn struct { -+ net.Conn -+ *brokenState -+} -+ -+type brokenState struct { -+ sync.Mutex -+ broken bool -+} -+ -+func (w *breakableConn) Write(b []byte) (n int, err error) { -+ w.Lock() -+ defer w.Unlock() -+ if w.broken { -+ return 0, errors.New("some write error") -+ } -+ return w.Conn.Write(b) -+} -+ -+// Issue 34978: don't cache a broken HTTP/2 connection -+func TestDontCacheBrokenHTTP2Conn(t *testing.T) { -+ cst := newClientServerTest(t, h2Mode, HandlerFunc(func(w ResponseWriter, r *Request) {}), optQuietLog) -+ defer cst.close() -+ -+ var brokenState brokenState -+ -+ cst.tr.Dial = func(netw, addr string) (net.Conn, error) { -+ c, err := net.Dial(netw, addr) -+ if err != nil { -+ t.Errorf("unexpected Dial error: %v", err) -+ return nil, err -+ } -+ return &breakableConn{c, &brokenState}, err -+ } -+ -+ const numReqs = 5 -+ var gotConns uint32 // atomic -+ for i := 1; i <= numReqs; i++ { -+ brokenState.Lock() -+ brokenState.broken = false -+ brokenState.Unlock() -+ -+ // doBreak controls whether we break the TCP connection after the TLS -+ // handshake (before the HTTP/2 handshake). We test a few failures -+ // in a row followed by a final success. -+ doBreak := i != numReqs -+ -+ ctx := httptrace.WithClientTrace(context.Background(), &httptrace.ClientTrace{ -+ GotConn: func(info httptrace.GotConnInfo) { -+ atomic.AddUint32(&gotConns, 1) -+ }, -+ TLSHandshakeDone: func(cfg tls.ConnectionState, err error) { -+ brokenState.Lock() -+ defer brokenState.Unlock() -+ if doBreak { -+ brokenState.broken = true -+ } -+ }, -+ }) -+ req, err := NewRequestWithContext(ctx, "GET", cst.ts.URL, nil) -+ if err != nil { -+ t.Fatal(err) -+ } -+ _, err = cst.c.Do(req) -+ if doBreak != (err != nil) { -+ t.Errorf("for iteration %d, doBreak=%v; unexpected error %v", i, doBreak, err) -+ } -+ } -+ if got, want := atomic.LoadUint32(&gotConns), 1; int(got) != want { -+ t.Errorf("GotConn calls = %v; want %v", got, want) -+ } -+} --- -2.17.1 - diff --git a/0010-release-branch.go1.13-net-http-fix-Server.ConnContex.patch b/0010-release-branch.go1.13-net-http-fix-Server.ConnContex.patch deleted file mode 100644 index c23adb8a9ade1bc752743efa2cdf3d40b5996a27..0000000000000000000000000000000000000000 --- a/0010-release-branch.go1.13-net-http-fix-Server.ConnContex.patch +++ /dev/null @@ -1,96 +0,0 @@ -From 94b6eec5dc639e87f0e2f739cfd257a432160881 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Roman=20Koll=C3=A1r?= -Date: Thu, 21 Nov 2019 22:25:52 +0000 -Subject: [PATCH] [release-branch.go1.13] net/http: fix Server.ConnContext - modifying context for all new connections - -Updates #35750 -Fixes #35765 - -Change-Id: I65d38cfc5ddd66131777e104c269cc3559b2471d -GitHub-Last-Rev: 953fdfd49b2be665be43f8148d2a6180dae3b91c -GitHub-Pull-Request: golang/go#35751 -Reviewed-on: https://go-review.googlesource.com/c/go/+/208318 -Reviewed-by: Brad Fitzpatrick -Run-TryBot: Brad Fitzpatrick -TryBot-Result: Gobot Gobot -(cherry picked from commit bbbc6589dfbc05be2bfa59f51c20f9eaa8d0c531) -Reviewed-on: https://go-review.googlesource.com/c/go/+/208235 -Reviewed-by: Bryan C. Mills ---- - src/net/http/serve_test.go | 33 +++++++++++++++++++++++++++++++++ - src/net/http/server.go | 7 ++++--- - 2 files changed, 37 insertions(+), 3 deletions(-) - -diff --git a/src/net/http/serve_test.go b/src/net/http/serve_test.go -index 1d1449aa65..90f112b2ee 100644 ---- a/src/net/http/serve_test.go -+++ b/src/net/http/serve_test.go -@@ -6121,6 +6121,39 @@ func TestServerContextsHTTP2(t *testing.T) { - } - } - -+// Issue 35750: check ConnContext not modifying context for other connections -+func TestConnContextNotModifyingAllContexts(t *testing.T) { -+ setParallel(t) -+ defer afterTest(t) -+ type connKey struct{} -+ ts := httptest.NewUnstartedServer(HandlerFunc(func(rw ResponseWriter, r *Request) { -+ rw.Header().Set("Connection", "close") -+ })) -+ ts.Config.ConnContext = func(ctx context.Context, c net.Conn) context.Context { -+ if got := ctx.Value(connKey{}); got != nil { -+ t.Errorf("in ConnContext, unexpected context key = %#v", got) -+ } -+ return context.WithValue(ctx, connKey{}, "conn") -+ } -+ ts.Start() -+ defer ts.Close() -+ -+ var res *Response -+ var err error -+ -+ res, err = ts.Client().Get(ts.URL) -+ if err != nil { -+ t.Fatal(err) -+ } -+ res.Body.Close() -+ -+ res, err = ts.Client().Get(ts.URL) -+ if err != nil { -+ t.Fatal(err) -+ } -+ res.Body.Close() -+} -+ - // Issue 30710: ensure that as per the spec, a server responds - // with 501 Not Implemented for unsupported transfer-encodings. - func TestUnsupportedTransferEncodingsReturn501(t *testing.T) { -diff --git a/src/net/http/server.go b/src/net/http/server.go -index 95a5eabaa2..8252e45aca 100644 ---- a/src/net/http/server.go -+++ b/src/net/http/server.go -@@ -2915,16 +2915,17 @@ func (srv *Server) Serve(l net.Listener) error { - } - return e - } -+ connCtx := ctx - if cc := srv.ConnContext; cc != nil { -- ctx = cc(ctx, rw) -- if ctx == nil { -+ connCtx = cc(connCtx, rw) -+ if connCtx == nil { - panic("ConnContext returned nil") - } - } - tempDelay = 0 - c := srv.newConn(rw) - c.setState(c.rwc, StateNew) // before Serve can return -- go c.serve(ctx) -+ go c.serve(connCtx) - } - } - --- -2.17.1 - diff --git a/0011-release-branch.go1.13-runtime-fix-textOff-for-multip.patch b/0011-release-branch.go1.13-runtime-fix-textOff-for-multip.patch deleted file mode 100644 index 7de5e384adff3449d133ea5c1a4d376be4094d14..0000000000000000000000000000000000000000 --- a/0011-release-branch.go1.13-runtime-fix-textOff-for-multip.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 6eee9903c7f970defbc0c9770397790b2bed5709 Mon Sep 17 00:00:00 2001 -From: Lynn Boger -Date: Mon, 28 Oct 2019 09:29:40 -0400 -Subject: [PATCH] [release-branch.go1.13] runtime: fix textOff for multiple - text sections - -If a compilation has multiple text sections, code in -textOff must compare the offset argument against the range -for each text section to determine which one it is in. -The comparison looks like this: - -if uintptr(off) >= sectaddr && uintptr(off) <= sectaddr+sectlen - -If the off value being compared is equal to sectaddr+sectlen then it -is not within the range of the text section but after it. The -comparison should be just '<'. - -Fixes #35211 - -Change-Id: I114633fd734563d38f4e842dd884c6c239f73c95 -Reviewed-on: https://go-review.googlesource.com/c/go/+/203817 -Run-TryBot: Lynn Boger -TryBot-Result: Gobot Gobot -Reviewed-by: Ian Lance Taylor -Reviewed-by: Cherry Zhang -(cherry picked from commit 0ae9389609f23dc905c58fc2ad7bcc16b770f337) -Reviewed-on: https://go-review.googlesource.com/c/go/+/203819 -Run-TryBot: Carlos Amedee -Reviewed-by: Keith Randall ---- - src/runtime/type.go | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/runtime/type.go b/src/runtime/type.go -index 660b45ef39..5ae3c4b09e 100644 ---- a/src/runtime/type.go -+++ b/src/runtime/type.go -@@ -287,7 +287,7 @@ func (t *_type) textOff(off textOff) unsafe.Pointer { - for i := range md.textsectmap { - sectaddr := md.textsectmap[i].vaddr - sectlen := md.textsectmap[i].length -- if uintptr(off) >= sectaddr && uintptr(off) <= sectaddr+sectlen { -+ if uintptr(off) >= sectaddr && uintptr(off) < sectaddr+sectlen { - res = md.textsectmap[i].baseaddr + uintptr(off) - uintptr(md.textsectmap[i].vaddr) - break - } --- -2.17.1 - diff --git a/0012-release-branch.go1.13-runtime-ensure-memmove-write-p.patch b/0012-release-branch.go1.13-runtime-ensure-memmove-write-p.patch deleted file mode 100644 index 20c49cd48b435409998d6e9840bdb1dc4d1d809b..0000000000000000000000000000000000000000 --- a/0012-release-branch.go1.13-runtime-ensure-memmove-write-p.patch +++ /dev/null @@ -1,126 +0,0 @@ -From acc723af2646200d13f76ffde80b000c4095074a Mon Sep 17 00:00:00 2001 -From: Cherry Zhang -Date: Fri, 27 Dec 2019 12:02:00 -0500 -Subject: [PATCH] [release-branch.go1.13] runtime: ensure memmove write pointer - atomically on ARM64 - -If a pointer write is not atomic, if the GC is running -concurrently, it may observe a partially updated pointer, which -may point to unallocated or already dead memory. Most pointer -writes, like the store instructions generated by the compiler, -are already atomic. But we still need to be careful in places -like memmove. In memmove, we don't know which bits are pointers -(or too expensive to query), so we ensure that all aligned -pointer-sized units are written atomically. - -Fixes #36361. -Updates #36101. - -Change-Id: I1b3ca24c6b1ac8a8aaf9ee470115e9a89ec1b00b -Reviewed-on: https://go-review.googlesource.com/c/go/+/212626 -Reviewed-by: Austin Clements -(cherry picked from commit ffbc02761abb47106ce88e09290a31513b5f6c8a) -Reviewed-on: https://go-review.googlesource.com/c/go/+/213683 -Run-TryBot: Cherry Zhang -TryBot-Result: Gobot Gobot ---- - src/runtime/memmove_arm64.s | 42 +++++++++++++++++++++++++++++++++++++----- - 1 file changed, 37 insertions(+), 5 deletions(-) - -diff --git a/src/runtime/memmove_arm64.s b/src/runtime/memmove_arm64.s -index ac29f94..cedb018 100644 ---- a/src/runtime/memmove_arm64.s -+++ b/src/runtime/memmove_arm64.s -@@ -22,7 +22,7 @@ check: - CMP R3, R4 - BLT backward - -- // Copying forward proceeds by copying R7/8 words then copying R6 bytes. -+ // Copying forward proceeds by copying R7/32 quadwords then R6 <= 31 tail bytes. - // R3 and R4 are advanced as we copy. - - // (There may be implementations of armv8 where copying by bytes until -@@ -30,11 +30,12 @@ check: - // optimization, but the on the one tested so far (xgene) it did not - // make a significance difference.) - -- CBZ R7, noforwardlarge // Do we need to do any doubleword-by-doubleword copying? -+ CBZ R7, noforwardlarge // Do we need to do any quadword copying? - - ADD R3, R7, R9 // R9 points just past where we copy by word - - forwardlargeloop: -+ // Copy 32 bytes at a time. - LDP.P 32(R4), (R8, R10) - STP.P (R8, R10), 32(R3) - LDP -16(R4), (R11, R12) -@@ -43,10 +44,26 @@ forwardlargeloop: - CBNZ R7, forwardlargeloop - - noforwardlarge: -- CBNZ R6, forwardtail // Do we need to do any byte-by-byte copying? -+ CBNZ R6, forwardtail // Do we need to copy any tail bytes? - RET - - forwardtail: -+ // There are R6 <= 31 bytes remaining to copy. -+ // This is large enough to still contain pointers, -+ // which must be copied atomically. -+ // Copy the next 16 bytes, then 8 bytes, then any remaining bytes. -+ TBZ $4, R6, 3(PC) // write 16 bytes if R6&16 != 0 -+ LDP.P 16(R4), (R8, R10) -+ STP.P (R8, R10), 16(R3) -+ -+ TBZ $3, R6, 3(PC) // write 8 bytes if R6&8 != 0 -+ MOVD.P 8(R4), R8 -+ MOVD.P R8, 8(R3) -+ -+ AND $7, R6 -+ CBNZ R6, 2(PC) -+ RET -+ - ADD R3, R6, R9 // R9 points just past the destination memory - - forwardtailloop: -@@ -90,7 +107,7 @@ copy1: - RET - - backward: -- // Copying backwards proceeds by copying R6 bytes then copying R7/8 words. -+ // Copying backwards first copies R6 <= 31 tail bytes, then R7/32 quadwords. - // R3 and R4 are advanced to the end of the destination/source buffers - // respectively and moved back as we copy. - -@@ -99,13 +116,28 @@ backward: - - CBZ R6, nobackwardtail // Do we need to do any byte-by-byte copying? - -- SUB R6, R3, R9 // R9 points at the lowest destination byte that should be copied by byte. -+ AND $7, R6, R12 -+ CBZ R12, backwardtaillarge -+ -+ SUB R12, R3, R9 // R9 points at the lowest destination byte that should be copied by byte. - backwardtailloop: -+ // Copy sub-pointer-size tail. - MOVBU.W -1(R4), R8 - MOVBU.W R8, -1(R3) - CMP R9, R3 - BNE backwardtailloop - -+backwardtaillarge: -+ // Do 8/16-byte write if possible. -+ // See comment at forwardtail. -+ TBZ $3, R6, 3(PC) -+ MOVD.W -8(R4), R8 -+ MOVD.W R8, -8(R3) -+ -+ TBZ $4, R6, 3(PC) -+ LDP.W -16(R4), (R8, R10) -+ STP.W (R8, R10), -16(R3) -+ - nobackwardtail: - CBNZ R7, backwardlarge // Do we need to do any doubleword-by-doubleword copying? - RET --- -1.8.3.1 - diff --git a/0014-bump-version-to-1.13.4.patch b/0014-bump-version-to-1.13.4.patch deleted file mode 100644 index 1b01643c7d01862da77a2c04f7520ddd1a696df6..0000000000000000000000000000000000000000 --- a/0014-bump-version-to-1.13.4.patch +++ /dev/null @@ -1,20 +0,0 @@ -From 15a9cd0590cacb4b189e39a6863d6abbe9bf0a10 Mon Sep 17 00:00:00 2001 -From: xiadanni1 -Date: Fri, 24 Jul 2020 04:20:57 +0800 -Subject: [PATCH] bump to 1.13.4 - -Signed-off-by: xiadanni1 ---- - VERSION | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/VERSION b/VERSION -index 5d371fc..478bafe 100644 ---- a/VERSION -+++ b/VERSION -@@ -1 +1 @@ --go1.13.3 -\ No newline at end of file -+go1.13.4 --- -1.8.3.1 diff --git a/backport-0013-release-branch.go1.13-security-src-go.mod-import-x-c.patch b/backport-0013-release-branch.go1.13-security-src-go.mod-import-x-c.patch deleted file mode 100644 index 5a6166b548173a555a66912ceedfca041d44bedc..0000000000000000000000000000000000000000 --- a/backport-0013-release-branch.go1.13-security-src-go.mod-import-x-c.patch +++ /dev/null @@ -1,124 +0,0 @@ -From f938e06d0623d0e1de202575d16f1e126741f6e0 Mon Sep 17 00:00:00 2001 -From: Filippo Valsorda -Date: Fri, 24 Jan 2020 18:04:20 -0500 -Subject: [PATCH] [release-branch.go1.13-security] src/go.mod: import - x/crypto/cryptobyte security fix for 32-bit archs - - cryptobyte: fix panic due to malformed ASN.1 inputs on 32-bit archs - - When int is 32 bits wide (on 32-bit architectures like 386 and arm), an - overflow could occur, causing a panic, due to malformed ASN.1 being - passed to any of the ASN1 methods of String. - - Tested on linux/386 and darwin/amd64. - - This fixes CVE-2020-7919 and was found thanks to the Project Wycheproof - test vectors. - - Change-Id: I8c9696a8bfad1b40ec877cd740dba3467d66ab54 - Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/645211 - Reviewed-by: Katie Hockman - Reviewed-by: Adam Langley - -x/crypto/cryptobyte is used in crypto/x509 for parsing certificates. -Malformed certificates might cause a panic during parsing on 32-bit -architectures (like arm and 386). - -Change-Id: I840feb54eba880dbb96780ef7adcade073c4c4e3 -Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/647741 -Reviewed-by: Katie Hockman ---- - src/go.mod | 2 +- - src/go.sum | 4 ++-- - src/vendor/golang.org/x/crypto/cryptobyte/asn1.go | 5 +++-- - src/vendor/golang.org/x/crypto/cryptobyte/string.go | 7 +------ - src/vendor/modules.txt | 2 +- - 5 files changed, 8 insertions(+), 12 deletions(-) - -diff --git a/src/go.mod b/src/go.mod -index 90af2a7ea0..9c9026f0d8 100644 ---- a/src/go.mod -+++ b/src/go.mod -@@ -3,7 +3,7 @@ module std - go 1.12 - - require ( -- golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8 -+ golang.org/x/crypto v0.0.0-20200124225646-8b5121be2f68 - golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7 - golang.org/x/sys v0.0.0-20190529130038-5219a1e1c5f8 // indirect - golang.org/x/text v0.3.2 // indirect -diff --git a/src/go.sum b/src/go.sum -index e358118e4c..e408f66328 100644 ---- a/src/go.sum -+++ b/src/go.sum -@@ -1,6 +1,6 @@ - golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= --golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8 h1:1wopBVtVdWnn03fZelqdXTqk7U7zPQCb+T4rbU9ZEoU= --golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -+golang.org/x/crypto v0.0.0-20200124225646-8b5121be2f68 h1:WPLCzSEbawp58wezcvLvLnvhiDJAai54ESbc41NdXS0= -+golang.org/x/crypto v0.0.0-20200124225646-8b5121be2f68/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= - golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= - golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7 h1:fHDIZ2oxGnUZRN6WgWFCbYBjH9uqVPRCUVUDhs0wnbA= - golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -diff --git a/src/vendor/golang.org/x/crypto/cryptobyte/asn1.go b/src/vendor/golang.org/x/crypto/cryptobyte/asn1.go -index 528b9bff67..f930f7e526 100644 ---- a/src/vendor/golang.org/x/crypto/cryptobyte/asn1.go -+++ b/src/vendor/golang.org/x/crypto/cryptobyte/asn1.go -@@ -470,7 +470,8 @@ func (s *String) ReadASN1GeneralizedTime(out *time.Time) bool { - // It reports whether the read was successful. - func (s *String) ReadASN1BitString(out *encoding_asn1.BitString) bool { - var bytes String -- if !s.ReadASN1(&bytes, asn1.BIT_STRING) || len(bytes) == 0 { -+ if !s.ReadASN1(&bytes, asn1.BIT_STRING) || len(bytes) == 0 || -+ len(bytes)*8/8 != len(bytes) { - return false - } - -@@ -740,7 +741,7 @@ func (s *String) readASN1(out *String, outTag *asn1.Tag, skipHeader bool) bool { - length = headerLen + len32 - } - -- if uint32(int(length)) != length || !s.ReadBytes((*[]byte)(out), int(length)) { -+ if int(length) < 0 || !s.ReadBytes((*[]byte)(out), int(length)) { - return false - } - if skipHeader && !out.Skip(int(headerLen)) { -diff --git a/src/vendor/golang.org/x/crypto/cryptobyte/string.go b/src/vendor/golang.org/x/crypto/cryptobyte/string.go -index 39bf98aeea..589d297e6b 100644 ---- a/src/vendor/golang.org/x/crypto/cryptobyte/string.go -+++ b/src/vendor/golang.org/x/crypto/cryptobyte/string.go -@@ -24,7 +24,7 @@ type String []byte - // read advances a String by n bytes and returns them. If less than n bytes - // remain, it returns nil. - func (s *String) read(n int) []byte { -- if len(*s) < n { -+ if len(*s) < n || n < 0 { - return nil - } - v := (*s)[:n] -@@ -105,11 +105,6 @@ func (s *String) readLengthPrefixed(lenLen int, outChild *String) bool { - length = length << 8 - length = length | uint32(b) - } -- if int(length) < 0 { -- // This currently cannot overflow because we read uint24 at most, but check -- // anyway in case that changes in the future. -- return false -- } - v := s.read(int(length)) - if v == nil { - return false -diff --git a/src/vendor/modules.txt b/src/vendor/modules.txt -index 453a312661..cff8acd02e 100644 ---- a/src/vendor/modules.txt -+++ b/src/vendor/modules.txt -@@ -1,4 +1,4 @@ --# golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8 -+# golang.org/x/crypto v0.0.0-20200124225646-8b5121be2f68 - golang.org/x/crypto/chacha20poly1305 - golang.org/x/crypto/cryptobyte - golang.org/x/crypto/cryptobyte/asn1 --- -2.17.1 - diff --git a/go1.13.3.src.tar.gz b/go1.13.14.src.tar.gz similarity index 69% rename from go1.13.3.src.tar.gz rename to go1.13.14.src.tar.gz index c3aadce8927e5ac1168fbb816e9d5bfec3be4e2a..54bb9ad5418106161396337c9d7f90f9703720aa 100644 Binary files a/go1.13.3.src.tar.gz and b/go1.13.14.src.tar.gz differ diff --git a/golang.spec b/golang.spec index 5e1bbbb988f7b2f6a80d453bd7bf866542c638f0..8b8287ebacb6a926e78339e153f477ab0658a06e 100644 --- a/golang.spec +++ b/golang.spec @@ -61,12 +61,12 @@ %endif Name: golang -Version: 1.13.4 +Version: 1.13.14 Release: 1 Summary: The Go Programming Language License: BSD and Public Domain -URL: http://golang.org/ -Source0: https://dl.google.com/go/go1.13.3.src.tar.gz +URL: https://golang.org/ +Source0: https://dl.google.com/go/go1.13.14.src.tar.gz %if !%{golang_bootstrap} BuildRequires: gcc-go >= 5 @@ -156,13 +156,7 @@ Patch6005: 0005-runtime-fix-crash-during-VDSO-calls-on-arm.patch Patch6006: 0006-runtime-save-fetch-g-register-during-VDSO-on-ARM-and.patch Patch6007: 0007-runtime-don-t-fetch-G-from-signal-stack-when-using-c.patch Patch6008: 0008-runtime-don-t-save-G-during-VDSO-if-we-re-handling-s.patch -Patch6009: 0009-release-branch.go1.13-net-http-don-t-cache-http2.err.patch -Patch6010: 0010-release-branch.go1.13-net-http-fix-Server.ConnContex.patch -Patch6011: 0011-release-branch.go1.13-runtime-fix-textOff-for-multip.patch -Patch6012: 0012-release-branch.go1.13-runtime-ensure-memmove-write-p.patch -Patch6013: backport-0013-release-branch.go1.13-security-src-go.mod-import-x-c.patch Patch6014: 0013-drop-hard-code-cert.patch -Patch6015: 0014-bump-version-to-1.13.4.patch ExclusiveArch: %{golang_arches} @@ -396,6 +390,9 @@ fi %files devel -f go-tests.list -f go-misc.list -f go-src.list %changelog +* Thu Jul 30 xiadanni - 1.13.14-1 +- upgrade to 1.13.14 + * Thu Jul 23 xiadanni - 1.13-4.1 - bump to 1.13.4