345be95498
golang.org/x/net contains a fix for CVE-2022-41717, which was addressed in stdlib in go1.19.4 and go1.18.9; > net/http: limit canonical header cache by bytes, not entries > > An attacker can cause excessive memory growth in a Go server accepting > HTTP/2 requests. > > HTTP/2 server connections contain a cache of HTTP header keys sent by > the client. While the total number of entries in this cache is capped, > an attacker sending very large keys can cause the server to allocate > approximately 64 MiB per open connection. > > This issue is also fixed in golang.org/x/net/http2 v0.4.0, > for users manually configuring HTTP/2. full diff: https://github.com/golang/net/compare/v0.2.0...v0.4.0 other dependency updates (due to (circular) dependencies): - golang.org/x/sys v0.3.0: https://github.com/golang/sys/compare/3c1f35247d10...v0.3.0 - golang.org/x/text v0.5.0: https://github.com/golang/text/compare/v0.3.7...v0.5.0 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
52 lines
1.4 KiB
Go
52 lines
1.4 KiB
Go
// Copyright 2021 The Go Authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
//go:build (darwin && !ios) || linux
|
|
// +build darwin,!ios linux
|
|
|
|
package unix
|
|
|
|
import "unsafe"
|
|
|
|
// SysvShmAttach attaches the Sysv shared memory segment associated with the
|
|
// shared memory identifier id.
|
|
func SysvShmAttach(id int, addr uintptr, flag int) ([]byte, error) {
|
|
addr, errno := shmat(id, addr, flag)
|
|
if errno != nil {
|
|
return nil, errno
|
|
}
|
|
|
|
// Retrieve the size of the shared memory to enable slice creation
|
|
var info SysvShmDesc
|
|
|
|
_, err := SysvShmCtl(id, IPC_STAT, &info)
|
|
if err != nil {
|
|
// release the shared memory if we can't find the size
|
|
|
|
// ignoring error from shmdt as there's nothing sensible to return here
|
|
shmdt(addr)
|
|
return nil, err
|
|
}
|
|
|
|
// Use unsafe to convert addr into a []byte.
|
|
b := unsafe.Slice((*byte)(unsafe.Pointer(addr)), int(info.Segsz))
|
|
return b, nil
|
|
}
|
|
|
|
// SysvShmDetach unmaps the shared memory slice returned from SysvShmAttach.
|
|
//
|
|
// It is not safe to use the slice after calling this function.
|
|
func SysvShmDetach(data []byte) error {
|
|
if len(data) == 0 {
|
|
return EINVAL
|
|
}
|
|
|
|
return shmdt(uintptr(unsafe.Pointer(&data[0])))
|
|
}
|
|
|
|
// SysvShmGet returns the Sysv shared memory identifier associated with key.
|
|
// If the IPC_CREAT flag is specified a new segment is created.
|
|
func SysvShmGet(key, size, flag int) (id int, err error) {
|
|
return shmget(key, size, flag)
|
|
}
|