forked from TrueCloudLab/distribution
345be95498
golang.org/x/net contains a fix for CVE-2022-41717, which was addressed in stdlib in go1.19.4 and go1.18.9; > net/http: limit canonical header cache by bytes, not entries > > An attacker can cause excessive memory growth in a Go server accepting > HTTP/2 requests. > > HTTP/2 server connections contain a cache of HTTP header keys sent by > the client. While the total number of entries in this cache is capped, > an attacker sending very large keys can cause the server to allocate > approximately 64 MiB per open connection. > > This issue is also fixed in golang.org/x/net/http2 v0.4.0, > for users manually configuring HTTP/2. full diff: https://github.com/golang/net/compare/v0.2.0...v0.4.0 other dependency updates (due to (circular) dependencies): - golang.org/x/sys v0.3.0: https://github.com/golang/sys/compare/3c1f35247d10...v0.3.0 - golang.org/x/text v0.5.0: https://github.com/golang/text/compare/v0.3.7...v0.5.0 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
79 lines
1.8 KiB
Go
79 lines
1.8 KiB
Go
// Copyright 2021 The Go Authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
// illumos system calls not present on Solaris.
|
|
|
|
//go:build amd64 && illumos
|
|
// +build amd64,illumos
|
|
|
|
package unix
|
|
|
|
import (
|
|
"unsafe"
|
|
)
|
|
|
|
func bytes2iovec(bs [][]byte) []Iovec {
|
|
iovecs := make([]Iovec, len(bs))
|
|
for i, b := range bs {
|
|
iovecs[i].SetLen(len(b))
|
|
if len(b) > 0 {
|
|
iovecs[i].Base = &b[0]
|
|
} else {
|
|
iovecs[i].Base = (*byte)(unsafe.Pointer(&_zero))
|
|
}
|
|
}
|
|
return iovecs
|
|
}
|
|
|
|
//sys readv(fd int, iovs []Iovec) (n int, err error)
|
|
|
|
func Readv(fd int, iovs [][]byte) (n int, err error) {
|
|
iovecs := bytes2iovec(iovs)
|
|
n, err = readv(fd, iovecs)
|
|
return n, err
|
|
}
|
|
|
|
//sys preadv(fd int, iovs []Iovec, off int64) (n int, err error)
|
|
|
|
func Preadv(fd int, iovs [][]byte, off int64) (n int, err error) {
|
|
iovecs := bytes2iovec(iovs)
|
|
n, err = preadv(fd, iovecs, off)
|
|
return n, err
|
|
}
|
|
|
|
//sys writev(fd int, iovs []Iovec) (n int, err error)
|
|
|
|
func Writev(fd int, iovs [][]byte) (n int, err error) {
|
|
iovecs := bytes2iovec(iovs)
|
|
n, err = writev(fd, iovecs)
|
|
return n, err
|
|
}
|
|
|
|
//sys pwritev(fd int, iovs []Iovec, off int64) (n int, err error)
|
|
|
|
func Pwritev(fd int, iovs [][]byte, off int64) (n int, err error) {
|
|
iovecs := bytes2iovec(iovs)
|
|
n, err = pwritev(fd, iovecs, off)
|
|
return n, err
|
|
}
|
|
|
|
//sys accept4(s int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (fd int, err error) = libsocket.accept4
|
|
|
|
func Accept4(fd int, flags int) (nfd int, sa Sockaddr, err error) {
|
|
var rsa RawSockaddrAny
|
|
var len _Socklen = SizeofSockaddrAny
|
|
nfd, err = accept4(fd, &rsa, &len, flags)
|
|
if err != nil {
|
|
return
|
|
}
|
|
if len > SizeofSockaddrAny {
|
|
panic("RawSockaddrAny too small")
|
|
}
|
|
sa, err = anyToSockaddr(fd, &rsa)
|
|
if err != nil {
|
|
Close(nfd)
|
|
nfd = 0
|
|
}
|
|
return
|
|
}
|