From bb95d09f9a07bc0fed10c4d1e8f5fe9d7c41883e Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 31 Jan 2022 16:07:40 +0100 Subject: [PATCH 1/8] staticcheck: ignore "SA1019: strings.Title is deprecated" This function is marked deprecated in Go 1.18; however, the suggested replacement brings in a large amount of new code, and most strings we generate will be ASCII, so this would only be in case it's used for some user-provided string. We also don't have a language to use, so would be using the "default". Adding a `//nolint` comment to suppress the linting failure instead. daemon/logger/templates/templates.go:23:14: SA1019: strings.Title is deprecated: The rule Title uses for word boundaries does not handle Unicode punctuation properly. Use golang.org/x/text/cases instead. (staticcheck) "title": strings.Title, ^ pkg/plugins/pluginrpc-gen/template.go:67:9: SA1019: strings.Title is deprecated: The rule Title uses for word boundaries does not handle Unicode punctuation properly. Use golang.org/x/text/cases instead. (staticcheck) return strings.Title(s) ^ Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 4203a97aad9a7a54fe2d5354155eb7ef3ce0c7da) Signed-off-by: Sebastiaan van Stijn --- daemon/logger/templates/templates.go | 2 +- pkg/plugins/pluginrpc-gen/template.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/daemon/logger/templates/templates.go b/daemon/logger/templates/templates.go index ab76d0f1c2e5a..d8b4ce5d85639 100644 --- a/daemon/logger/templates/templates.go +++ b/daemon/logger/templates/templates.go @@ -20,7 +20,7 @@ var basicFunctions = template.FuncMap{ }, "split": strings.Split, "join": strings.Join, - "title": strings.Title, + "title": strings.Title, //nolint:staticcheck // SA1019: strings.Title is deprecated: The rule Title uses for word boundaries does not handle Unicode punctuation properly. Use golang.org/x/text/cases instead. "lower": strings.ToLower, "upper": strings.ToUpper, "pad": padWithSpace, diff --git a/pkg/plugins/pluginrpc-gen/template.go b/pkg/plugins/pluginrpc-gen/template.go index 50ed9293c116b..c34a5add11c50 100644 --- a/pkg/plugins/pluginrpc-gen/template.go +++ b/pkg/plugins/pluginrpc-gen/template.go @@ -64,7 +64,7 @@ func title(s string) string { if strings.ToLower(s) == "id" { return "ID" } - return strings.Title(s) + return strings.Title(s) //nolint:staticcheck // SA1019: strings.Title is deprecated: The rule Title uses for word boundaries does not handle Unicode punctuation properly. Use golang.org/x/text/cases instead. } var generatedTempl = template.Must(template.New("rpc_cient").Funcs(templFuncs).Parse(` From 0bc432241e44f6132aa90a226cd937eb7686b9dc Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 27 Jan 2022 23:07:24 +0100 Subject: [PATCH 2/8] update golang to 1.18.0 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 590e34eaf4733b6400195b317679997ffae78f86) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- Dockerfile.e2e | 2 +- Dockerfile.simple | 2 +- Dockerfile.windows | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 37bf4157c524c..770ab20226002 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ ARG CROSS="false" ARG SYSTEMD="false" # IMPORTANT: When updating this please note that stdlib archive/tar pkg is vendored -ARG GO_VERSION=1.17.13 +ARG GO_VERSION=1.18.0 ARG DEBIAN_FRONTEND=noninteractive ARG VPNKIT_VERSION=0.5.0 ARG DOCKER_BUILDTAGS="apparmor seccomp" diff --git a/Dockerfile.e2e b/Dockerfile.e2e index e0c61e2108981..1651c6888807f 100644 --- a/Dockerfile.e2e +++ b/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.17.13 +ARG GO_VERSION=1.18.0 FROM golang:${GO_VERSION}-alpine AS base ENV GO111MODULE=off diff --git a/Dockerfile.simple b/Dockerfile.simple index 1db20c1e35f75..15261efc97233 100644 --- a/Dockerfile.simple +++ b/Dockerfile.simple @@ -5,7 +5,7 @@ # This represents the bare minimum required to build and test Docker. -ARG GO_VERSION=1.17.13 +ARG GO_VERSION=1.18.0 FROM golang:${GO_VERSION}-buster ENV GO111MODULE=off diff --git a/Dockerfile.windows b/Dockerfile.windows index b0ee068aab3bb..04f30d5ee02cb 100644 --- a/Dockerfile.windows +++ b/Dockerfile.windows @@ -165,7 +165,7 @@ FROM microsoft/windowsservercore # Use PowerShell as the default shell SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -ARG GO_VERSION=1.17.13 +ARG GO_VERSION=1.18.0 ARG GOTESTSUM_VERSION=v1.7.0 # Environment variable notes: From 7ba67d05a824e29d33400fcbebf41f0c0932ad91 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 18 Aug 2022 16:54:03 +0200 Subject: [PATCH 3/8] [20.10] vendor: update archive/tar for go 1.18 Signed-off-by: Sebastiaan van Stijn --- vendor/archive/tar/common.go | 40 ++++----- vendor/archive/tar/format.go | 138 ++++++++++++++--------------- vendor/archive/tar/fuzz_test.go | 80 +++++++++++++++++ vendor/archive/tar/reader.go | 102 ++++++++++----------- vendor/archive/tar/reader_test.go | 30 +++---- vendor/archive/tar/stat_actime1.go | 1 - vendor/archive/tar/stat_actime2.go | 1 - vendor/archive/tar/stat_unix.go | 1 - vendor/archive/tar/strconv.go | 43 +++------ vendor/archive/tar/tar_test.go | 2 +- vendor/archive/tar/writer.go | 89 ++++++++++--------- vendor/archive/tar/writer_test.go | 24 +++-- 12 files changed, 306 insertions(+), 245 deletions(-) create mode 100644 vendor/archive/tar/fuzz_test.go diff --git a/vendor/archive/tar/common.go b/vendor/archive/tar/common.go index c667cfc8720b5..c99b5c19207f7 100644 --- a/vendor/archive/tar/common.go +++ b/vendor/archive/tar/common.go @@ -316,10 +316,10 @@ func invertSparseEntries(src []sparseEntry, size int64) []sparseEntry { // fileState tracks the number of logical (includes sparse holes) and physical // (actual in tar archive) bytes remaining for the current file. // -// Invariant: LogicalRemaining >= PhysicalRemaining +// Invariant: logicalRemaining >= physicalRemaining type fileState interface { - LogicalRemaining() int64 - PhysicalRemaining() int64 + logicalRemaining() int64 + physicalRemaining() int64 } // allowedFormats determines which formats can be used. @@ -413,22 +413,22 @@ func (h Header) allowedFormats() (format Format, paxHdrs map[string]string, err // Check basic fields. var blk block - v7 := blk.V7() - ustar := blk.USTAR() - gnu := blk.GNU() - verifyString(h.Name, len(v7.Name()), "Name", paxPath) - verifyString(h.Linkname, len(v7.LinkName()), "Linkname", paxLinkpath) - verifyString(h.Uname, len(ustar.UserName()), "Uname", paxUname) - verifyString(h.Gname, len(ustar.GroupName()), "Gname", paxGname) - verifyNumeric(h.Mode, len(v7.Mode()), "Mode", paxNone) - verifyNumeric(int64(h.Uid), len(v7.UID()), "Uid", paxUid) - verifyNumeric(int64(h.Gid), len(v7.GID()), "Gid", paxGid) - verifyNumeric(h.Size, len(v7.Size()), "Size", paxSize) - verifyNumeric(h.Devmajor, len(ustar.DevMajor()), "Devmajor", paxNone) - verifyNumeric(h.Devminor, len(ustar.DevMinor()), "Devminor", paxNone) - verifyTime(h.ModTime, len(v7.ModTime()), "ModTime", paxMtime) - verifyTime(h.AccessTime, len(gnu.AccessTime()), "AccessTime", paxAtime) - verifyTime(h.ChangeTime, len(gnu.ChangeTime()), "ChangeTime", paxCtime) + v7 := blk.toV7() + ustar := blk.toUSTAR() + gnu := blk.toGNU() + verifyString(h.Name, len(v7.name()), "Name", paxPath) + verifyString(h.Linkname, len(v7.linkName()), "Linkname", paxLinkpath) + verifyString(h.Uname, len(ustar.userName()), "Uname", paxUname) + verifyString(h.Gname, len(ustar.groupName()), "Gname", paxGname) + verifyNumeric(h.Mode, len(v7.mode()), "Mode", paxNone) + verifyNumeric(int64(h.Uid), len(v7.uid()), "Uid", paxUid) + verifyNumeric(int64(h.Gid), len(v7.gid()), "Gid", paxGid) + verifyNumeric(h.Size, len(v7.size()), "Size", paxSize) + verifyNumeric(h.Devmajor, len(ustar.devMajor()), "Devmajor", paxNone) + verifyNumeric(h.Devminor, len(ustar.devMinor()), "Devminor", paxNone) + verifyTime(h.ModTime, len(v7.modTime()), "ModTime", paxMtime) + verifyTime(h.AccessTime, len(gnu.accessTime()), "AccessTime", paxAtime) + verifyTime(h.ChangeTime, len(gnu.changeTime()), "ChangeTime", paxCtime) // Check for header-only types. var whyOnlyPAX, whyOnlyGNU string @@ -538,7 +538,7 @@ type headerFileInfo struct { func (fi headerFileInfo) Size() int64 { return fi.h.Size } func (fi headerFileInfo) IsDir() bool { return fi.Mode().IsDir() } func (fi headerFileInfo) ModTime() time.Time { return fi.h.ModTime } -func (fi headerFileInfo) Sys() interface{} { return fi.h } +func (fi headerFileInfo) Sys() any { return fi.h } // Name returns the base name of the file. func (fi headerFileInfo) Name() string { diff --git a/vendor/archive/tar/format.go b/vendor/archive/tar/format.go index cfe24a5e1d339..21b9d9d4dbc62 100644 --- a/vendor/archive/tar/format.go +++ b/vendor/archive/tar/format.go @@ -156,28 +156,28 @@ var zeroBlock block type block [blockSize]byte // Convert block to any number of formats. -func (b *block) V7() *headerV7 { return (*headerV7)(b) } -func (b *block) GNU() *headerGNU { return (*headerGNU)(b) } -func (b *block) STAR() *headerSTAR { return (*headerSTAR)(b) } -func (b *block) USTAR() *headerUSTAR { return (*headerUSTAR)(b) } -func (b *block) Sparse() sparseArray { return sparseArray(b[:]) } +func (b *block) toV7() *headerV7 { return (*headerV7)(b) } +func (b *block) toGNU() *headerGNU { return (*headerGNU)(b) } +func (b *block) toSTAR() *headerSTAR { return (*headerSTAR)(b) } +func (b *block) toUSTAR() *headerUSTAR { return (*headerUSTAR)(b) } +func (b *block) toSparse() sparseArray { return sparseArray(b[:]) } // GetFormat checks that the block is a valid tar header based on the checksum. // It then attempts to guess the specific format based on magic values. // If the checksum fails, then FormatUnknown is returned. -func (b *block) GetFormat() Format { +func (b *block) getFormat() Format { // Verify checksum. var p parser - value := p.parseOctal(b.V7().Chksum()) - chksum1, chksum2 := b.ComputeChecksum() + value := p.parseOctal(b.toV7().chksum()) + chksum1, chksum2 := b.computeChecksum() if p.err != nil || (value != chksum1 && value != chksum2) { return FormatUnknown } // Guess the magic values. - magic := string(b.USTAR().Magic()) - version := string(b.USTAR().Version()) - trailer := string(b.STAR().Trailer()) + magic := string(b.toUSTAR().magic()) + version := string(b.toUSTAR().version()) + trailer := string(b.toSTAR().trailer()) switch { case magic == magicUSTAR && trailer == trailerSTAR: return formatSTAR @@ -190,23 +190,23 @@ func (b *block) GetFormat() Format { } } -// SetFormat writes the magic values necessary for specified format +// setFormat writes the magic values necessary for specified format // and then updates the checksum accordingly. -func (b *block) SetFormat(format Format) { +func (b *block) setFormat(format Format) { // Set the magic values. switch { case format.has(formatV7): // Do nothing. case format.has(FormatGNU): - copy(b.GNU().Magic(), magicGNU) - copy(b.GNU().Version(), versionGNU) + copy(b.toGNU().magic(), magicGNU) + copy(b.toGNU().version(), versionGNU) case format.has(formatSTAR): - copy(b.STAR().Magic(), magicUSTAR) - copy(b.STAR().Version(), versionUSTAR) - copy(b.STAR().Trailer(), trailerSTAR) + copy(b.toSTAR().magic(), magicUSTAR) + copy(b.toSTAR().version(), versionUSTAR) + copy(b.toSTAR().trailer(), trailerSTAR) case format.has(FormatUSTAR | FormatPAX): - copy(b.USTAR().Magic(), magicUSTAR) - copy(b.USTAR().Version(), versionUSTAR) + copy(b.toUSTAR().magic(), magicUSTAR) + copy(b.toUSTAR().version(), versionUSTAR) default: panic("invalid format") } @@ -214,17 +214,17 @@ func (b *block) SetFormat(format Format) { // Update checksum. // This field is special in that it is terminated by a NULL then space. var f formatter - field := b.V7().Chksum() - chksum, _ := b.ComputeChecksum() // Possible values are 256..128776 + field := b.toV7().chksum() + chksum, _ := b.computeChecksum() // Possible values are 256..128776 f.formatOctal(field[:7], chksum) // Never fails since 128776 < 262143 field[7] = ' ' } -// ComputeChecksum computes the checksum for the header block. +// computeChecksum computes the checksum for the header block. // POSIX specifies a sum of the unsigned byte values, but the Sun tar used // signed byte values. // We compute and return both. -func (b *block) ComputeChecksum() (unsigned, signed int64) { +func (b *block) computeChecksum() (unsigned, signed int64) { for i, c := range b { if 148 <= i && i < 156 { c = ' ' // Treat the checksum field itself as all spaces. @@ -236,68 +236,68 @@ func (b *block) ComputeChecksum() (unsigned, signed int64) { } // Reset clears the block with all zeros. -func (b *block) Reset() { +func (b *block) reset() { *b = block{} } type headerV7 [blockSize]byte -func (h *headerV7) Name() []byte { return h[000:][:100] } -func (h *headerV7) Mode() []byte { return h[100:][:8] } -func (h *headerV7) UID() []byte { return h[108:][:8] } -func (h *headerV7) GID() []byte { return h[116:][:8] } -func (h *headerV7) Size() []byte { return h[124:][:12] } -func (h *headerV7) ModTime() []byte { return h[136:][:12] } -func (h *headerV7) Chksum() []byte { return h[148:][:8] } -func (h *headerV7) TypeFlag() []byte { return h[156:][:1] } -func (h *headerV7) LinkName() []byte { return h[157:][:100] } +func (h *headerV7) name() []byte { return h[000:][:100] } +func (h *headerV7) mode() []byte { return h[100:][:8] } +func (h *headerV7) uid() []byte { return h[108:][:8] } +func (h *headerV7) gid() []byte { return h[116:][:8] } +func (h *headerV7) size() []byte { return h[124:][:12] } +func (h *headerV7) modTime() []byte { return h[136:][:12] } +func (h *headerV7) chksum() []byte { return h[148:][:8] } +func (h *headerV7) typeFlag() []byte { return h[156:][:1] } +func (h *headerV7) linkName() []byte { return h[157:][:100] } type headerGNU [blockSize]byte -func (h *headerGNU) V7() *headerV7 { return (*headerV7)(h) } -func (h *headerGNU) Magic() []byte { return h[257:][:6] } -func (h *headerGNU) Version() []byte { return h[263:][:2] } -func (h *headerGNU) UserName() []byte { return h[265:][:32] } -func (h *headerGNU) GroupName() []byte { return h[297:][:32] } -func (h *headerGNU) DevMajor() []byte { return h[329:][:8] } -func (h *headerGNU) DevMinor() []byte { return h[337:][:8] } -func (h *headerGNU) AccessTime() []byte { return h[345:][:12] } -func (h *headerGNU) ChangeTime() []byte { return h[357:][:12] } -func (h *headerGNU) Sparse() sparseArray { return sparseArray(h[386:][:24*4+1]) } -func (h *headerGNU) RealSize() []byte { return h[483:][:12] } +func (h *headerGNU) v7() *headerV7 { return (*headerV7)(h) } +func (h *headerGNU) magic() []byte { return h[257:][:6] } +func (h *headerGNU) version() []byte { return h[263:][:2] } +func (h *headerGNU) userName() []byte { return h[265:][:32] } +func (h *headerGNU) groupName() []byte { return h[297:][:32] } +func (h *headerGNU) devMajor() []byte { return h[329:][:8] } +func (h *headerGNU) devMinor() []byte { return h[337:][:8] } +func (h *headerGNU) accessTime() []byte { return h[345:][:12] } +func (h *headerGNU) changeTime() []byte { return h[357:][:12] } +func (h *headerGNU) sparse() sparseArray { return sparseArray(h[386:][:24*4+1]) } +func (h *headerGNU) realSize() []byte { return h[483:][:12] } type headerSTAR [blockSize]byte -func (h *headerSTAR) V7() *headerV7 { return (*headerV7)(h) } -func (h *headerSTAR) Magic() []byte { return h[257:][:6] } -func (h *headerSTAR) Version() []byte { return h[263:][:2] } -func (h *headerSTAR) UserName() []byte { return h[265:][:32] } -func (h *headerSTAR) GroupName() []byte { return h[297:][:32] } -func (h *headerSTAR) DevMajor() []byte { return h[329:][:8] } -func (h *headerSTAR) DevMinor() []byte { return h[337:][:8] } -func (h *headerSTAR) Prefix() []byte { return h[345:][:131] } -func (h *headerSTAR) AccessTime() []byte { return h[476:][:12] } -func (h *headerSTAR) ChangeTime() []byte { return h[488:][:12] } -func (h *headerSTAR) Trailer() []byte { return h[508:][:4] } +func (h *headerSTAR) v7() *headerV7 { return (*headerV7)(h) } +func (h *headerSTAR) magic() []byte { return h[257:][:6] } +func (h *headerSTAR) version() []byte { return h[263:][:2] } +func (h *headerSTAR) userName() []byte { return h[265:][:32] } +func (h *headerSTAR) groupName() []byte { return h[297:][:32] } +func (h *headerSTAR) devMajor() []byte { return h[329:][:8] } +func (h *headerSTAR) devMinor() []byte { return h[337:][:8] } +func (h *headerSTAR) prefix() []byte { return h[345:][:131] } +func (h *headerSTAR) accessTime() []byte { return h[476:][:12] } +func (h *headerSTAR) changeTime() []byte { return h[488:][:12] } +func (h *headerSTAR) trailer() []byte { return h[508:][:4] } type headerUSTAR [blockSize]byte -func (h *headerUSTAR) V7() *headerV7 { return (*headerV7)(h) } -func (h *headerUSTAR) Magic() []byte { return h[257:][:6] } -func (h *headerUSTAR) Version() []byte { return h[263:][:2] } -func (h *headerUSTAR) UserName() []byte { return h[265:][:32] } -func (h *headerUSTAR) GroupName() []byte { return h[297:][:32] } -func (h *headerUSTAR) DevMajor() []byte { return h[329:][:8] } -func (h *headerUSTAR) DevMinor() []byte { return h[337:][:8] } -func (h *headerUSTAR) Prefix() []byte { return h[345:][:155] } +func (h *headerUSTAR) v7() *headerV7 { return (*headerV7)(h) } +func (h *headerUSTAR) magic() []byte { return h[257:][:6] } +func (h *headerUSTAR) version() []byte { return h[263:][:2] } +func (h *headerUSTAR) userName() []byte { return h[265:][:32] } +func (h *headerUSTAR) groupName() []byte { return h[297:][:32] } +func (h *headerUSTAR) devMajor() []byte { return h[329:][:8] } +func (h *headerUSTAR) devMinor() []byte { return h[337:][:8] } +func (h *headerUSTAR) prefix() []byte { return h[345:][:155] } type sparseArray []byte -func (s sparseArray) Entry(i int) sparseElem { return sparseElem(s[i*24:]) } -func (s sparseArray) IsExtended() []byte { return s[24*s.MaxEntries():][:1] } -func (s sparseArray) MaxEntries() int { return len(s) / 24 } +func (s sparseArray) entry(i int) sparseElem { return sparseElem(s[i*24:]) } +func (s sparseArray) isExtended() []byte { return s[24*s.maxEntries():][:1] } +func (s sparseArray) maxEntries() int { return len(s) / 24 } type sparseElem []byte -func (s sparseElem) Offset() []byte { return s[00:][:12] } -func (s sparseElem) Length() []byte { return s[12:][:12] } +func (s sparseElem) offset() []byte { return s[00:][:12] } +func (s sparseElem) length() []byte { return s[12:][:12] } diff --git a/vendor/archive/tar/fuzz_test.go b/vendor/archive/tar/fuzz_test.go new file mode 100644 index 0000000000000..e73e0d2609e50 --- /dev/null +++ b/vendor/archive/tar/fuzz_test.go @@ -0,0 +1,80 @@ +// Copyright 2021 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package tar + +import ( + "bytes" + "io" + "testing" +) + +func FuzzReader(f *testing.F) { + b := bytes.NewBuffer(nil) + w := NewWriter(b) + inp := []byte("Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.") + err := w.WriteHeader(&Header{ + Name: "lorem.txt", + Mode: 0600, + Size: int64(len(inp)), + }) + if err != nil { + f.Fatalf("failed to create writer: %s", err) + } + _, err = w.Write(inp) + if err != nil { + f.Fatalf("failed to write file to archive: %s", err) + } + if err := w.Close(); err != nil { + f.Fatalf("failed to write archive: %s", err) + } + f.Add(b.Bytes()) + + f.Fuzz(func(t *testing.T, b []byte) { + r := NewReader(bytes.NewReader(b)) + type file struct { + header *Header + content []byte + } + files := []file{} + for { + hdr, err := r.Next() + if err == io.EOF { + break + } + if err != nil { + return + } + buf := bytes.NewBuffer(nil) + if _, err := io.Copy(buf, r); err != nil { + continue + } + files = append(files, file{header: hdr, content: buf.Bytes()}) + } + + // If we were unable to read anything out of the archive don't + // bother trying to roundtrip it. + if len(files) == 0 { + return + } + + out := bytes.NewBuffer(nil) + w := NewWriter(out) + for _, f := range files { + if err := w.WriteHeader(f.header); err != nil { + t.Fatalf("unable to write previously parsed header: %s", err) + } + if _, err := w.Write(f.content); err != nil { + t.Fatalf("unable to write previously parsed content: %s", err) + } + } + if err := w.Close(); err != nil { + t.Fatalf("Unable to write archive: %s", err) + } + + // TODO: We may want to check if the archive roundtrips. This would require + // taking into account addition of the two zero trailer blocks that Writer.Close + // appends. + }) +} diff --git a/vendor/archive/tar/reader.go b/vendor/archive/tar/reader.go index 1b1d5b46891b6..4b11909bc9527 100644 --- a/vendor/archive/tar/reader.go +++ b/vendor/archive/tar/reader.go @@ -65,7 +65,7 @@ func (tr *Reader) next() (*Header, error) { format := FormatUSTAR | FormatPAX | FormatGNU for { // Discard the remainder of the file and any padding. - if err := discard(tr.r, tr.curr.PhysicalRemaining()); err != nil { + if err := discard(tr.r, tr.curr.physicalRemaining()); err != nil { return nil, err } if _, err := tryReadFull(tr.r, tr.blk[:tr.pad]); err != nil { @@ -355,7 +355,7 @@ func (tr *Reader) readHeader() (*Header, *block, error) { } // Verify the header matches a known format. - format := tr.blk.GetFormat() + format := tr.blk.getFormat() if format == FormatUnknown { return nil, nil, ErrHeader } @@ -364,30 +364,30 @@ func (tr *Reader) readHeader() (*Header, *block, error) { hdr := new(Header) // Unpack the V7 header. - v7 := tr.blk.V7() - hdr.Typeflag = v7.TypeFlag()[0] - hdr.Name = p.parseString(v7.Name()) - hdr.Linkname = p.parseString(v7.LinkName()) - hdr.Size = p.parseNumeric(v7.Size()) - hdr.Mode = p.parseNumeric(v7.Mode()) - hdr.Uid = int(p.parseNumeric(v7.UID())) - hdr.Gid = int(p.parseNumeric(v7.GID())) - hdr.ModTime = time.Unix(p.parseNumeric(v7.ModTime()), 0) + v7 := tr.blk.toV7() + hdr.Typeflag = v7.typeFlag()[0] + hdr.Name = p.parseString(v7.name()) + hdr.Linkname = p.parseString(v7.linkName()) + hdr.Size = p.parseNumeric(v7.size()) + hdr.Mode = p.parseNumeric(v7.mode()) + hdr.Uid = int(p.parseNumeric(v7.uid())) + hdr.Gid = int(p.parseNumeric(v7.gid())) + hdr.ModTime = time.Unix(p.parseNumeric(v7.modTime()), 0) // Unpack format specific fields. if format > formatV7 { - ustar := tr.blk.USTAR() - hdr.Uname = p.parseString(ustar.UserName()) - hdr.Gname = p.parseString(ustar.GroupName()) - hdr.Devmajor = p.parseNumeric(ustar.DevMajor()) - hdr.Devminor = p.parseNumeric(ustar.DevMinor()) + ustar := tr.blk.toUSTAR() + hdr.Uname = p.parseString(ustar.userName()) + hdr.Gname = p.parseString(ustar.groupName()) + hdr.Devmajor = p.parseNumeric(ustar.devMajor()) + hdr.Devminor = p.parseNumeric(ustar.devMinor()) var prefix string switch { case format.has(FormatUSTAR | FormatPAX): hdr.Format = format - ustar := tr.blk.USTAR() - prefix = p.parseString(ustar.Prefix()) + ustar := tr.blk.toUSTAR() + prefix = p.parseString(ustar.prefix()) // For Format detection, check if block is properly formatted since // the parser is more liberal than what USTAR actually permits. @@ -396,23 +396,23 @@ func (tr *Reader) readHeader() (*Header, *block, error) { hdr.Format = FormatUnknown // Non-ASCII characters in block. } nul := func(b []byte) bool { return int(b[len(b)-1]) == 0 } - if !(nul(v7.Size()) && nul(v7.Mode()) && nul(v7.UID()) && nul(v7.GID()) && - nul(v7.ModTime()) && nul(ustar.DevMajor()) && nul(ustar.DevMinor())) { + if !(nul(v7.size()) && nul(v7.mode()) && nul(v7.uid()) && nul(v7.gid()) && + nul(v7.modTime()) && nul(ustar.devMajor()) && nul(ustar.devMinor())) { hdr.Format = FormatUnknown // Numeric fields must end in NUL } case format.has(formatSTAR): - star := tr.blk.STAR() - prefix = p.parseString(star.Prefix()) - hdr.AccessTime = time.Unix(p.parseNumeric(star.AccessTime()), 0) - hdr.ChangeTime = time.Unix(p.parseNumeric(star.ChangeTime()), 0) + star := tr.blk.toSTAR() + prefix = p.parseString(star.prefix()) + hdr.AccessTime = time.Unix(p.parseNumeric(star.accessTime()), 0) + hdr.ChangeTime = time.Unix(p.parseNumeric(star.changeTime()), 0) case format.has(FormatGNU): hdr.Format = format var p2 parser - gnu := tr.blk.GNU() - if b := gnu.AccessTime(); b[0] != 0 { + gnu := tr.blk.toGNU() + if b := gnu.accessTime(); b[0] != 0 { hdr.AccessTime = time.Unix(p2.parseNumeric(b), 0) } - if b := gnu.ChangeTime(); b[0] != 0 { + if b := gnu.changeTime(); b[0] != 0 { hdr.ChangeTime = time.Unix(p2.parseNumeric(b), 0) } @@ -439,8 +439,8 @@ func (tr *Reader) readHeader() (*Header, *block, error) { // See https://golang.org/issues/21005 if p2.err != nil { hdr.AccessTime, hdr.ChangeTime = time.Time{}, time.Time{} - ustar := tr.blk.USTAR() - if s := p.parseString(ustar.Prefix()); isASCII(s) { + ustar := tr.blk.toUSTAR() + if s := p.parseString(ustar.prefix()); isASCII(s) { prefix = s } hdr.Format = FormatUnknown // Buggy file is not GNU @@ -465,38 +465,38 @@ func (tr *Reader) readOldGNUSparseMap(hdr *Header, blk *block) (sparseDatas, err // Make sure that the input format is GNU. // Unfortunately, the STAR format also has a sparse header format that uses // the same type flag but has a completely different layout. - if blk.GetFormat() != FormatGNU { + if blk.getFormat() != FormatGNU { return nil, ErrHeader } hdr.Format.mayOnlyBe(FormatGNU) var p parser - hdr.Size = p.parseNumeric(blk.GNU().RealSize()) + hdr.Size = p.parseNumeric(blk.toGNU().realSize()) if p.err != nil { return nil, p.err } - s := blk.GNU().Sparse() - spd := make(sparseDatas, 0, s.MaxEntries()) + s := blk.toGNU().sparse() + spd := make(sparseDatas, 0, s.maxEntries()) for { - for i := 0; i < s.MaxEntries(); i++ { + for i := 0; i < s.maxEntries(); i++ { // This termination condition is identical to GNU and BSD tar. - if s.Entry(i).Offset()[0] == 0x00 { + if s.entry(i).offset()[0] == 0x00 { break // Don't return, need to process extended headers (even if empty) } - offset := p.parseNumeric(s.Entry(i).Offset()) - length := p.parseNumeric(s.Entry(i).Length()) + offset := p.parseNumeric(s.entry(i).offset()) + length := p.parseNumeric(s.entry(i).length()) if p.err != nil { return nil, p.err } spd = append(spd, sparseEntry{Offset: offset, Length: length}) } - if s.IsExtended()[0] > 0 { + if s.isExtended()[0] > 0 { // There are more entries. Read an extension header and parse its entries. if _, err := mustReadFull(tr.r, blk[:]); err != nil { return nil, err } - s = blk.Sparse() + s = blk.toSparse() continue } return spd, nil // Done @@ -678,11 +678,13 @@ func (fr *regFileReader) WriteTo(w io.Writer) (int64, error) { return io.Copy(w, struct{ io.Reader }{fr}) } -func (fr regFileReader) LogicalRemaining() int64 { +// logicalRemaining implements fileState.logicalRemaining. +func (fr regFileReader) logicalRemaining() int64 { return fr.nb } -func (fr regFileReader) PhysicalRemaining() int64 { +// logicalRemaining implements fileState.physicalRemaining. +func (fr regFileReader) physicalRemaining() int64 { return fr.nb } @@ -694,9 +696,9 @@ type sparseFileReader struct { } func (sr *sparseFileReader) Read(b []byte) (n int, err error) { - finished := int64(len(b)) >= sr.LogicalRemaining() + finished := int64(len(b)) >= sr.logicalRemaining() if finished { - b = b[:sr.LogicalRemaining()] + b = b[:sr.logicalRemaining()] } b0 := b @@ -724,7 +726,7 @@ func (sr *sparseFileReader) Read(b []byte) (n int, err error) { return n, errMissData // Less data in dense file than sparse file case err != nil: return n, err - case sr.LogicalRemaining() == 0 && sr.PhysicalRemaining() > 0: + case sr.logicalRemaining() == 0 && sr.physicalRemaining() > 0: return n, errUnrefData // More data in dense file than sparse file case finished: return n, io.EOF @@ -746,7 +748,7 @@ func (sr *sparseFileReader) WriteTo(w io.Writer) (n int64, err error) { var writeLastByte bool pos0 := sr.pos - for sr.LogicalRemaining() > 0 && !writeLastByte && err == nil { + for sr.logicalRemaining() > 0 && !writeLastByte && err == nil { var nf int64 // Size of fragment holeStart, holeEnd := sr.sp[0].Offset, sr.sp[0].endOffset() if sr.pos < holeStart { // In a data fragment @@ -754,7 +756,7 @@ func (sr *sparseFileReader) WriteTo(w io.Writer) (n int64, err error) { nf, err = io.CopyN(ws, sr.fr, nf) } else { // In a hole fragment nf = holeEnd - sr.pos - if sr.PhysicalRemaining() == 0 { + if sr.physicalRemaining() == 0 { writeLastByte = true nf-- } @@ -779,18 +781,18 @@ func (sr *sparseFileReader) WriteTo(w io.Writer) (n int64, err error) { return n, errMissData // Less data in dense file than sparse file case err != nil: return n, err - case sr.LogicalRemaining() == 0 && sr.PhysicalRemaining() > 0: + case sr.logicalRemaining() == 0 && sr.physicalRemaining() > 0: return n, errUnrefData // More data in dense file than sparse file default: return n, nil } } -func (sr sparseFileReader) LogicalRemaining() int64 { +func (sr sparseFileReader) logicalRemaining() int64 { return sr.sp[len(sr.sp)-1].endOffset() - sr.pos } -func (sr sparseFileReader) PhysicalRemaining() int64 { - return sr.fr.PhysicalRemaining() +func (sr sparseFileReader) physicalRemaining() int64 { + return sr.fr.physicalRemaining() } type zeroReader struct{} diff --git a/vendor/archive/tar/reader_test.go b/vendor/archive/tar/reader_test.go index 789ddc1bc0345..f21a6065b4857 100644 --- a/vendor/archive/tar/reader_test.go +++ b/vendor/archive/tar/reader_test.go @@ -1021,12 +1021,12 @@ func TestParsePAX(t *testing.T) { func TestReadOldGNUSparseMap(t *testing.T) { populateSparseMap := func(sa sparseArray, sps []string) []string { - for i := 0; len(sps) > 0 && i < sa.MaxEntries(); i++ { - copy(sa.Entry(i), sps[0]) + for i := 0; len(sps) > 0 && i < sa.maxEntries(); i++ { + copy(sa.entry(i), sps[0]) sps = sps[1:] } if len(sps) > 0 { - copy(sa.IsExtended(), "\x80") + copy(sa.isExtended(), "\x80") } return sps } @@ -1034,19 +1034,19 @@ func TestReadOldGNUSparseMap(t *testing.T) { makeInput := func(format Format, size string, sps ...string) (out []byte) { // Write the initial GNU header. var blk block - gnu := blk.GNU() - sparse := gnu.Sparse() - copy(gnu.RealSize(), size) + gnu := blk.toGNU() + sparse := gnu.sparse() + copy(gnu.realSize(), size) sps = populateSparseMap(sparse, sps) if format != FormatUnknown { - blk.SetFormat(format) + blk.setFormat(format) } out = append(out, blk[:]...) // Write extended sparse blocks. for len(sps) > 0 { var blk block - sps = populateSparseMap(blk.Sparse(), sps) + sps = populateSparseMap(blk.toSparse(), sps) out = append(out, blk[:]...) } return out @@ -1359,11 +1359,11 @@ func TestFileReader(t *testing.T) { wantCnt int64 wantErr error } - testRemaining struct { // LogicalRemaining() == wantLCnt, PhysicalRemaining() == wantPCnt + testRemaining struct { // logicalRemaining() == wantLCnt, physicalRemaining() == wantPCnt wantLCnt int64 wantPCnt int64 } - testFnc interface{} // testRead | testWriteTo | testRemaining + testFnc any // testRead | testWriteTo | testRemaining ) type ( @@ -1376,7 +1376,7 @@ func TestFileReader(t *testing.T) { spd sparseDatas size int64 } - fileMaker interface{} // makeReg | makeSparse + fileMaker any // makeReg | makeSparse ) vectors := []struct { @@ -1596,11 +1596,11 @@ func TestFileReader(t *testing.T) { t.Errorf("test %d.%d, expected %d more operations", i, j, len(f.ops)) } case testRemaining: - if got := fr.LogicalRemaining(); got != tf.wantLCnt { - t.Errorf("test %d.%d, LogicalRemaining() = %d, want %d", i, j, got, tf.wantLCnt) + if got := fr.logicalRemaining(); got != tf.wantLCnt { + t.Errorf("test %d.%d, logicalRemaining() = %d, want %d", i, j, got, tf.wantLCnt) } - if got := fr.PhysicalRemaining(); got != tf.wantPCnt { - t.Errorf("test %d.%d, PhysicalRemaining() = %d, want %d", i, j, got, tf.wantPCnt) + if got := fr.physicalRemaining(); got != tf.wantPCnt { + t.Errorf("test %d.%d, physicalRemaining() = %d, want %d", i, j, got, tf.wantPCnt) } default: t.Fatalf("test %d.%d, unknown test operation: %T", i, j, tf) diff --git a/vendor/archive/tar/stat_actime1.go b/vendor/archive/tar/stat_actime1.go index 4fdf2a04b3df4..c4c2480feeb0c 100644 --- a/vendor/archive/tar/stat_actime1.go +++ b/vendor/archive/tar/stat_actime1.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix || linux || dragonfly || openbsd || solaris -// +build aix linux dragonfly openbsd solaris package tar diff --git a/vendor/archive/tar/stat_actime2.go b/vendor/archive/tar/stat_actime2.go index 5a9a35cbb4e22..f76d6be220f87 100644 --- a/vendor/archive/tar/stat_actime2.go +++ b/vendor/archive/tar/stat_actime2.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build darwin || freebsd || netbsd -// +build darwin freebsd netbsd package tar diff --git a/vendor/archive/tar/stat_unix.go b/vendor/archive/tar/stat_unix.go index 4a5bca03121c2..b743c76b8cbcf 100644 --- a/vendor/archive/tar/stat_unix.go +++ b/vendor/archive/tar/stat_unix.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix || linux || darwin || dragonfly || freebsd || openbsd || netbsd || solaris -// +build aix linux darwin dragonfly freebsd openbsd netbsd solaris package tar diff --git a/vendor/archive/tar/strconv.go b/vendor/archive/tar/strconv.go index f0b61e6dba69a..275db6f0263f2 100644 --- a/vendor/archive/tar/strconv.go +++ b/vendor/archive/tar/strconv.go @@ -14,7 +14,7 @@ import ( // hasNUL reports whether the NUL character exists within s. func hasNUL(s string) bool { - return strings.IndexByte(s, 0) >= 0 + return strings.Contains(s, "\x00") } // isASCII reports whether the input is an ASCII C-style string. @@ -201,10 +201,7 @@ func parsePAXTime(s string) (time.Time, error) { const maxNanoSecondDigits = 9 // Split string into seconds and sub-seconds parts. - ss, sn := s, "" - if pos := strings.IndexByte(s, '.'); pos >= 0 { - ss, sn = s[:pos], s[pos+1:] - } + ss, sn, _ := strings.Cut(s, ".") // Parse the seconds. secs, err := strconv.ParseInt(ss, 10, 64) @@ -254,48 +251,32 @@ func formatPAXTime(ts time.Time) (s string) { // return the remainder as r. func parsePAXRecord(s string) (k, v, r string, err error) { // The size field ends at the first space. - sp := strings.IndexByte(s, ' ') - if sp == -1 { + nStr, rest, ok := strings.Cut(s, " ") + if !ok { return "", "", s, ErrHeader } // Parse the first token as a decimal integer. - n, perr := strconv.ParseInt(s[:sp], 10, 0) // Intentionally parse as native int - if perr != nil || n < 5 || int64(len(s)) < n { + n, perr := strconv.ParseInt(nStr, 10, 0) // Intentionally parse as native int + if perr != nil || n < 5 || n > int64(len(s)) { return "", "", s, ErrHeader } - - afterSpace := int64(sp + 1) - beforeLastNewLine := n - 1 - // In some cases, "length" was perhaps padded/malformed, and - // trying to index past where the space supposedly is goes past - // the end of the actual record. - // For example: - // "0000000000000000000000000000000030 mtime=1432668921.098285006\n30 ctime=2147483649.15163319" - // ^ ^ - // | | - // | afterSpace=35 - // | - // beforeLastNewLine=29 - // yet indexOf(firstSpace) MUST BE before endOfRecord. - // - // See https://golang.org/issues/40196. - if afterSpace >= beforeLastNewLine { + n -= int64(len(nStr) + 1) // convert from index in s to index in rest + if n <= 0 { return "", "", s, ErrHeader } // Extract everything between the space and the final newline. - rec, nl, rem := s[afterSpace:beforeLastNewLine], s[beforeLastNewLine:n], s[n:] + rec, nl, rem := rest[:n-1], rest[n-1:n], rest[n:] if nl != "\n" { return "", "", s, ErrHeader } // The first equals separates the key from the value. - eq := strings.IndexByte(rec, '=') - if eq == -1 { + k, v, ok = strings.Cut(rec, "=") + if !ok { return "", "", s, ErrHeader } - k, v = rec[:eq], rec[eq+1:] if !validPAXRecord(k, v) { return "", "", s, ErrHeader @@ -333,7 +314,7 @@ func formatPAXRecord(k, v string) (string, error) { // for the PAX version of the USTAR string fields. // The key must not contain an '=' character. func validPAXRecord(k, v string) bool { - if k == "" || strings.IndexByte(k, '=') >= 0 { + if k == "" || strings.Contains(k, "=") { return false } switch k { diff --git a/vendor/archive/tar/tar_test.go b/vendor/archive/tar/tar_test.go index e9fafc7cc70df..a476f5eb010f2 100644 --- a/vendor/archive/tar/tar_test.go +++ b/vendor/archive/tar/tar_test.go @@ -23,7 +23,7 @@ import ( type testError struct{ error } -type fileOps []interface{} // []T where T is (string | int64) +type fileOps []any // []T where T is (string | int64) // testFile is an io.ReadWriteSeeker where the IO operations performed // on it must match the list of operations in ops. diff --git a/vendor/archive/tar/writer.go b/vendor/archive/tar/writer.go index e80498d03e39c..3729f7e82c192 100644 --- a/vendor/archive/tar/writer.go +++ b/vendor/archive/tar/writer.go @@ -50,7 +50,7 @@ func (tw *Writer) Flush() error { if tw.err != nil { return tw.err } - if nb := tw.curr.LogicalRemaining(); nb > 0 { + if nb := tw.curr.logicalRemaining(); nb > 0 { return fmt.Errorf("archive/tar: missed writing %d bytes", nb) } if _, tw.err = tw.w.Write(zeroBlock[:tw.pad]); tw.err != nil { @@ -117,8 +117,8 @@ func (tw *Writer) writeUSTARHeader(hdr *Header) error { // Pack the main header. var f formatter blk := tw.templateV7Plus(hdr, f.formatString, f.formatOctal) - f.formatString(blk.USTAR().Prefix(), namePrefix) - blk.SetFormat(FormatUSTAR) + f.formatString(blk.toUSTAR().prefix(), namePrefix) + blk.setFormat(FormatUSTAR) if f.err != nil { return f.err // Should never happen since header is validated } @@ -208,7 +208,7 @@ func (tw *Writer) writePAXHeader(hdr *Header, paxHdrs map[string]string) error { var f formatter // Ignore errors since they are expected fmtStr := func(b []byte, s string) { f.formatString(b, toASCII(s)) } blk := tw.templateV7Plus(hdr, fmtStr, f.formatOctal) - blk.SetFormat(FormatPAX) + blk.setFormat(FormatPAX) if err := tw.writeRawHeader(blk, hdr.Size, hdr.Typeflag); err != nil { return err } @@ -250,10 +250,10 @@ func (tw *Writer) writeGNUHeader(hdr *Header) error { var spb []byte blk := tw.templateV7Plus(hdr, f.formatString, f.formatNumeric) if !hdr.AccessTime.IsZero() { - f.formatNumeric(blk.GNU().AccessTime(), hdr.AccessTime.Unix()) + f.formatNumeric(blk.toGNU().accessTime(), hdr.AccessTime.Unix()) } if !hdr.ChangeTime.IsZero() { - f.formatNumeric(blk.GNU().ChangeTime(), hdr.ChangeTime.Unix()) + f.formatNumeric(blk.toGNU().changeTime(), hdr.ChangeTime.Unix()) } // TODO(dsnet): Re-enable this when adding sparse support. // See https://golang.org/issue/22735 @@ -293,7 +293,7 @@ func (tw *Writer) writeGNUHeader(hdr *Header) error { f.formatNumeric(blk.GNU().RealSize(), realSize) } */ - blk.SetFormat(FormatGNU) + blk.setFormat(FormatGNU) if err := tw.writeRawHeader(blk, hdr.Size, hdr.Typeflag); err != nil { return err } @@ -321,28 +321,28 @@ type ( // The block returned is only valid until the next call to // templateV7Plus or writeRawFile. func (tw *Writer) templateV7Plus(hdr *Header, fmtStr stringFormatter, fmtNum numberFormatter) *block { - tw.blk.Reset() + tw.blk.reset() modTime := hdr.ModTime if modTime.IsZero() { modTime = time.Unix(0, 0) } - v7 := tw.blk.V7() - v7.TypeFlag()[0] = hdr.Typeflag - fmtStr(v7.Name(), hdr.Name) - fmtStr(v7.LinkName(), hdr.Linkname) - fmtNum(v7.Mode(), hdr.Mode) - fmtNum(v7.UID(), int64(hdr.Uid)) - fmtNum(v7.GID(), int64(hdr.Gid)) - fmtNum(v7.Size(), hdr.Size) - fmtNum(v7.ModTime(), modTime.Unix()) + v7 := tw.blk.toV7() + v7.typeFlag()[0] = hdr.Typeflag + fmtStr(v7.name(), hdr.Name) + fmtStr(v7.linkName(), hdr.Linkname) + fmtNum(v7.mode(), hdr.Mode) + fmtNum(v7.uid(), int64(hdr.Uid)) + fmtNum(v7.gid(), int64(hdr.Gid)) + fmtNum(v7.size(), hdr.Size) + fmtNum(v7.modTime(), modTime.Unix()) - ustar := tw.blk.USTAR() - fmtStr(ustar.UserName(), hdr.Uname) - fmtStr(ustar.GroupName(), hdr.Gname) - fmtNum(ustar.DevMajor(), hdr.Devmajor) - fmtNum(ustar.DevMinor(), hdr.Devminor) + ustar := tw.blk.toUSTAR() + fmtStr(ustar.userName(), hdr.Uname) + fmtStr(ustar.groupName(), hdr.Gname) + fmtNum(ustar.devMajor(), hdr.Devmajor) + fmtNum(ustar.devMinor(), hdr.Devminor) return &tw.blk } @@ -351,7 +351,7 @@ func (tw *Writer) templateV7Plus(hdr *Header, fmtStr stringFormatter, fmtNum num // It uses format to encode the header format and will write data as the body. // It uses default values for all of the other fields (as BSD and GNU tar does). func (tw *Writer) writeRawFile(name, data string, flag byte, format Format) error { - tw.blk.Reset() + tw.blk.reset() // Best effort for the filename. name = toASCII(name) @@ -361,15 +361,15 @@ func (tw *Writer) writeRawFile(name, data string, flag byte, format Format) erro name = strings.TrimRight(name, "/") var f formatter - v7 := tw.blk.V7() - v7.TypeFlag()[0] = flag - f.formatString(v7.Name(), name) - f.formatOctal(v7.Mode(), 0) - f.formatOctal(v7.UID(), 0) - f.formatOctal(v7.GID(), 0) - f.formatOctal(v7.Size(), int64(len(data))) // Must be < 8GiB - f.formatOctal(v7.ModTime(), 0) - tw.blk.SetFormat(format) + v7 := tw.blk.toV7() + v7.typeFlag()[0] = flag + f.formatString(v7.name(), name) + f.formatOctal(v7.mode(), 0) + f.formatOctal(v7.uid(), 0) + f.formatOctal(v7.gid(), 0) + f.formatOctal(v7.size(), int64(len(data))) // Must be < 8GiB + f.formatOctal(v7.modTime(), 0) + tw.blk.setFormat(format) if f.err != nil { return f.err // Only occurs if size condition is violated } @@ -511,10 +511,13 @@ func (fw *regFileWriter) ReadFrom(r io.Reader) (int64, error) { return io.Copy(struct{ io.Writer }{fw}, r) } -func (fw regFileWriter) LogicalRemaining() int64 { +// logicalRemaining implements fileState.logicalRemaining. +func (fw regFileWriter) logicalRemaining() int64 { return fw.nb } -func (fw regFileWriter) PhysicalRemaining() int64 { + +// logicalRemaining implements fileState.physicalRemaining. +func (fw regFileWriter) physicalRemaining() int64 { return fw.nb } @@ -526,9 +529,9 @@ type sparseFileWriter struct { } func (sw *sparseFileWriter) Write(b []byte) (n int, err error) { - overwrite := int64(len(b)) > sw.LogicalRemaining() + overwrite := int64(len(b)) > sw.logicalRemaining() if overwrite { - b = b[:sw.LogicalRemaining()] + b = b[:sw.logicalRemaining()] } b0 := b @@ -556,7 +559,7 @@ func (sw *sparseFileWriter) Write(b []byte) (n int, err error) { return n, errMissData // Not possible; implies bug in validation logic case err != nil: return n, err - case sw.LogicalRemaining() == 0 && sw.PhysicalRemaining() > 0: + case sw.logicalRemaining() == 0 && sw.physicalRemaining() > 0: return n, errUnrefData // Not possible; implies bug in validation logic case overwrite: return n, ErrWriteTooLong @@ -578,12 +581,12 @@ func (sw *sparseFileWriter) ReadFrom(r io.Reader) (n int64, err error) { var readLastByte bool pos0 := sw.pos - for sw.LogicalRemaining() > 0 && !readLastByte && err == nil { + for sw.logicalRemaining() > 0 && !readLastByte && err == nil { var nf int64 // Size of fragment dataStart, dataEnd := sw.sp[0].Offset, sw.sp[0].endOffset() if sw.pos < dataStart { // In a hole fragment nf = dataStart - sw.pos - if sw.PhysicalRemaining() == 0 { + if sw.physicalRemaining() == 0 { readLastByte = true nf-- } @@ -613,18 +616,18 @@ func (sw *sparseFileWriter) ReadFrom(r io.Reader) (n int64, err error) { return n, errMissData // Not possible; implies bug in validation logic case err != nil: return n, err - case sw.LogicalRemaining() == 0 && sw.PhysicalRemaining() > 0: + case sw.logicalRemaining() == 0 && sw.physicalRemaining() > 0: return n, errUnrefData // Not possible; implies bug in validation logic default: return n, ensureEOF(rs) } } -func (sw sparseFileWriter) LogicalRemaining() int64 { +func (sw sparseFileWriter) logicalRemaining() int64 { return sw.sp[len(sw.sp)-1].endOffset() - sw.pos } -func (sw sparseFileWriter) PhysicalRemaining() int64 { - return sw.fw.PhysicalRemaining() +func (sw sparseFileWriter) physicalRemaining() int64 { + return sw.fw.physicalRemaining() } // zeroWriter may only be written with NULs, otherwise it returns errWriteHole. diff --git a/vendor/archive/tar/writer_test.go b/vendor/archive/tar/writer_test.go index a00f02d8fab69..da3fb89e65e51 100644 --- a/vendor/archive/tar/writer_test.go +++ b/vendor/archive/tar/writer_test.go @@ -67,7 +67,7 @@ func TestWriter(t *testing.T) { testClose struct { // Close() == wantErr wantErr error } - testFnc interface{} // testHeader | testWrite | testReadFrom | testClose + testFnc any // testHeader | testWrite | testReadFrom | testClose ) vectors := []struct { @@ -987,11 +987,9 @@ func TestIssue12594(t *testing.T) { // The prefix field should never appear in the GNU format. var blk block copy(blk[:], b.Bytes()) - prefix := string(blk.USTAR().Prefix()) - if i := strings.IndexByte(prefix, 0); i >= 0 { - prefix = prefix[:i] // Truncate at the NUL terminator - } - if blk.GetFormat() == FormatGNU && len(prefix) > 0 && strings.HasPrefix(name, prefix) { + prefix := string(blk.toUSTAR().prefix()) + prefix, _, _ = strings.Cut(prefix, "\x00") // Truncate at the NUL terminator + if blk.getFormat() == FormatGNU && len(prefix) > 0 && strings.HasPrefix(name, prefix) { t.Errorf("test %d, found prefix in GNU format: %s", i, prefix) } @@ -1029,11 +1027,11 @@ func TestFileWriter(t *testing.T) { wantCnt int64 wantErr error } - testRemaining struct { // LogicalRemaining() == wantLCnt, PhysicalRemaining() == wantPCnt + testRemaining struct { // logicalRemaining() == wantLCnt, physicalRemaining() == wantPCnt wantLCnt int64 wantPCnt int64 } - testFnc interface{} // testWrite | testReadFrom | testRemaining + testFnc any // testWrite | testReadFrom | testRemaining ) type ( @@ -1046,7 +1044,7 @@ func TestFileWriter(t *testing.T) { sph sparseHoles size int64 } - fileMaker interface{} // makeReg | makeSparse + fileMaker any // makeReg | makeSparse ) vectors := []struct { @@ -1292,11 +1290,11 @@ func TestFileWriter(t *testing.T) { t.Errorf("test %d.%d, expected %d more operations", i, j, len(f.ops)) } case testRemaining: - if got := fw.LogicalRemaining(); got != tf.wantLCnt { - t.Errorf("test %d.%d, LogicalRemaining() = %d, want %d", i, j, got, tf.wantLCnt) + if got := fw.logicalRemaining(); got != tf.wantLCnt { + t.Errorf("test %d.%d, logicalRemaining() = %d, want %d", i, j, got, tf.wantLCnt) } - if got := fw.PhysicalRemaining(); got != tf.wantPCnt { - t.Errorf("test %d.%d, PhysicalRemaining() = %d, want %d", i, j, got, tf.wantPCnt) + if got := fw.physicalRemaining(); got != tf.wantPCnt { + t.Errorf("test %d.%d, physicalRemaining() = %d, want %d", i, j, got, tf.wantPCnt) } default: t.Fatalf("test %d.%d, unknown test operation: %T", i, j, tf) From ecd1aa081fe10f81501a2106b31d76697c8ca378 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 19 Apr 2022 09:14:18 +0200 Subject: [PATCH 4/8] update golang to 1.18.1 go1.18.1 (released 2022-04-12) includes security fixes to the crypto/elliptic, crypto/x509, and encoding/pem packages, as well as bug fixes to the compiler, linker, runtime, the go command, vet, and the bytes, crypto/x509, and go/types packages. See the Go 1.18.1 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.18.1+label%3ACherryPickApproved Includes fixes for: - CVE-2022-24675 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24675) - CVE-2022-27536 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27536) - CVE-2022-28327 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28327) Signed-off-by: Sebastiaan van Stijn (cherry picked from commit ef64db5021b5d60bb852cc303b72c0c59697900d) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- Dockerfile.e2e | 2 +- Dockerfile.simple | 2 +- Dockerfile.windows | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 770ab20226002..f1ff6f29d4cef 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ ARG CROSS="false" ARG SYSTEMD="false" # IMPORTANT: When updating this please note that stdlib archive/tar pkg is vendored -ARG GO_VERSION=1.18.0 +ARG GO_VERSION=1.18.1 ARG DEBIAN_FRONTEND=noninteractive ARG VPNKIT_VERSION=0.5.0 ARG DOCKER_BUILDTAGS="apparmor seccomp" diff --git a/Dockerfile.e2e b/Dockerfile.e2e index 1651c6888807f..de536c6e10d50 100644 --- a/Dockerfile.e2e +++ b/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.18.0 +ARG GO_VERSION=1.18.1 FROM golang:${GO_VERSION}-alpine AS base ENV GO111MODULE=off diff --git a/Dockerfile.simple b/Dockerfile.simple index 15261efc97233..d9eb2072f8623 100644 --- a/Dockerfile.simple +++ b/Dockerfile.simple @@ -5,7 +5,7 @@ # This represents the bare minimum required to build and test Docker. -ARG GO_VERSION=1.18.0 +ARG GO_VERSION=1.18.1 FROM golang:${GO_VERSION}-buster ENV GO111MODULE=off diff --git a/Dockerfile.windows b/Dockerfile.windows index 04f30d5ee02cb..8ab154e866d28 100644 --- a/Dockerfile.windows +++ b/Dockerfile.windows @@ -165,7 +165,7 @@ FROM microsoft/windowsservercore # Use PowerShell as the default shell SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -ARG GO_VERSION=1.18.0 +ARG GO_VERSION=1.18.1 ARG GOTESTSUM_VERSION=v1.7.0 # Environment variable notes: From 82939f536b8af67d5671780ee761016e7f8a9550 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 11 May 2022 13:08:25 +0200 Subject: [PATCH 5/8] update golang to 1.18.2 go1.18.2 (released 2022-05-10) includes security fixes to the syscall package, as well as bug fixes to the compiler, runtime, the go command, and the crypto/x509, go/types, net/http/httptest, reflect, and sync/atomic packages. See the Go 1.18.2 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.18.2+label%3ACherryPickApproved Full diff: http://github.com/golang/go/compare/go1.18.1...go1.18.2 Includes fixes for: - CVE-2022-29526 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526); (description at https://go.dev/issue/52313). Signed-off-by: Sebastiaan van Stijn (cherry picked from commit d294078dd06f0eaa8faededf72d5e63fd6a6912e) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- Dockerfile.e2e | 2 +- Dockerfile.simple | 2 +- Dockerfile.windows | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index f1ff6f29d4cef..5376d93c2d86f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ ARG CROSS="false" ARG SYSTEMD="false" # IMPORTANT: When updating this please note that stdlib archive/tar pkg is vendored -ARG GO_VERSION=1.18.1 +ARG GO_VERSION=1.18.2 ARG DEBIAN_FRONTEND=noninteractive ARG VPNKIT_VERSION=0.5.0 ARG DOCKER_BUILDTAGS="apparmor seccomp" diff --git a/Dockerfile.e2e b/Dockerfile.e2e index de536c6e10d50..8058ceded4737 100644 --- a/Dockerfile.e2e +++ b/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.18.1 +ARG GO_VERSION=1.18.2 FROM golang:${GO_VERSION}-alpine AS base ENV GO111MODULE=off diff --git a/Dockerfile.simple b/Dockerfile.simple index d9eb2072f8623..a317b58914892 100644 --- a/Dockerfile.simple +++ b/Dockerfile.simple @@ -5,7 +5,7 @@ # This represents the bare minimum required to build and test Docker. -ARG GO_VERSION=1.18.1 +ARG GO_VERSION=1.18.2 FROM golang:${GO_VERSION}-buster ENV GO111MODULE=off diff --git a/Dockerfile.windows b/Dockerfile.windows index 8ab154e866d28..0574fd8a975cd 100644 --- a/Dockerfile.windows +++ b/Dockerfile.windows @@ -165,7 +165,7 @@ FROM microsoft/windowsservercore # Use PowerShell as the default shell SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -ARG GO_VERSION=1.18.1 +ARG GO_VERSION=1.18.2 ARG GOTESTSUM_VERSION=v1.7.0 # Environment variable notes: From a99c9cd8522ac6cc51a168f664f60d5ea366d731 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 2 Jun 2022 09:14:47 +0200 Subject: [PATCH 6/8] update golang to 1.18.3 go1.18.3 (released 2022-06-01) includes security fixes to the crypto/rand, crypto/tls, os/exec, and path/filepath packages, as well as bug fixes to the compiler, and the crypto/tls and text/template/parse packages. See the Go 1.18.3 milestone on our issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.18.3+label%3ACherryPickApproved Hello gophers, We have just released Go versions 1.18.3 and 1.17.11, minor point releases. These minor releases include 4 security fixes following the security policy: - crypto/rand: rand.Read hangs with extremely large buffers On Windows, rand.Read will hang indefinitely if passed a buffer larger than 1 << 32 - 1 bytes. Thanks to Davis Goodin and Quim Muntal, working at Microsoft on the Go toolset, for reporting this issue. This is [CVE-2022-30634][CVE-2022-30634] and Go issue https://go.dev/issue/52561. - crypto/tls: session tickets lack random ticket_age_add Session tickets generated by crypto/tls did not contain a randomly generated ticket_age_add. This allows an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption. Thanks to GitHub user nervuri for reporting this. This is [CVE-2022-30629][CVE-2022-30629] and Go issue https://go.dev/issue/52814. - `os/exec`: empty `Cmd.Path` can result in running unintended binary on Windows If, on Windows, `Cmd.Run`, `cmd.Start`, `cmd.Output`, or `cmd.CombinedOutput` are executed when Cmd.Path is unset and, in the working directory, there are binaries named either "..com" or "..exe", they will be executed. Thanks to Chris Darroch, brian m. carlson, and Mikhail Shcherbakov for reporting this. This is [CVE-2022-30580][CVE-2022-30580] and Go issue https://go.dev/issue/52574. - `path/filepath`: Clean(`.\c:`) returns `c:` on Windows On Windows, the `filepath.Clean` function could convert an invalid path to a valid, absolute path. For example, Clean(`.\c:`) returned `c:`. Thanks to Unrud for reporting this issue. This is [CVE-2022-29804][CVE-2022-29804] and Go issue https://go.dev/issue/52476. [CVE-2022-30634]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30634 [CVE-2022-30629]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30629 [CVE-2022-30580]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30580 [CVE-2022-29804]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29804 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit c1a9ffc97a0f0d0a034ab1ab727095a33c571337) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- Dockerfile.e2e | 2 +- Dockerfile.simple | 2 +- Dockerfile.windows | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 5376d93c2d86f..49fdc6a2b25fd 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ ARG CROSS="false" ARG SYSTEMD="false" # IMPORTANT: When updating this please note that stdlib archive/tar pkg is vendored -ARG GO_VERSION=1.18.2 +ARG GO_VERSION=1.18.3 ARG DEBIAN_FRONTEND=noninteractive ARG VPNKIT_VERSION=0.5.0 ARG DOCKER_BUILDTAGS="apparmor seccomp" diff --git a/Dockerfile.e2e b/Dockerfile.e2e index 8058ceded4737..5509e6b1b1e13 100644 --- a/Dockerfile.e2e +++ b/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.18.2 +ARG GO_VERSION=1.18.3 FROM golang:${GO_VERSION}-alpine AS base ENV GO111MODULE=off diff --git a/Dockerfile.simple b/Dockerfile.simple index a317b58914892..8ac5449e20d0e 100644 --- a/Dockerfile.simple +++ b/Dockerfile.simple @@ -5,7 +5,7 @@ # This represents the bare minimum required to build and test Docker. -ARG GO_VERSION=1.18.2 +ARG GO_VERSION=1.18.3 FROM golang:${GO_VERSION}-buster ENV GO111MODULE=off diff --git a/Dockerfile.windows b/Dockerfile.windows index 0574fd8a975cd..7a284827a77a2 100644 --- a/Dockerfile.windows +++ b/Dockerfile.windows @@ -165,7 +165,7 @@ FROM microsoft/windowsservercore # Use PowerShell as the default shell SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -ARG GO_VERSION=1.18.2 +ARG GO_VERSION=1.18.3 ARG GOTESTSUM_VERSION=v1.7.0 # Environment variable notes: From f2a3c3bcefd8331f53f946be40fc36706fb6ad7b Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 13 Jul 2022 10:42:27 +0200 Subject: [PATCH 7/8] update golang to 1.18.4 go1.18.4 (released 2022-07-12) includes security fixes to the compress/gzip, encoding/gob, encoding/xml, go/parser, io/fs, net/http, and path/filepath packages, as well as bug fixes to the compiler, the go command, the linker, the runtime, and the runtime/metrics package. See the Go 1.18.4 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.18.4+label%3ACherryPickApproved This update addresses: CVE-2022-1705, CVE-2022-1962, CVE-2022-28131, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635, and CVE-2022-32148. Full diff: https://github.com/golang/go/compare/go1.18.3...go1.18.4 From the security announcement; https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE We have just released Go versions 1.18.4 and 1.17.12, minor point releases. These minor releases include 9 security fixes following the security policy: - net/http: improper sanitization of Transfer-Encoding header The HTTP/1 client accepted some invalid Transfer-Encoding headers as indicating a "chunked" encoding. This could potentially allow for request smuggling, but only if combined with an intermediate server that also improperly failed to reject the header as invalid. This is CVE-2022-1705 and https://go.dev/issue/53188. - When `httputil.ReverseProxy.ServeHTTP` was called with a `Request.Header` map containing a nil value for the X-Forwarded-For header, ReverseProxy would set the client IP as the value of the X-Forwarded-For header, contrary to its documentation. In the more usual case where a Director function set the X-Forwarded-For header value to nil, ReverseProxy would leave the header unmodified as expected. This is https://go.dev/issue/53423 and CVE-2022-32148. Thanks to Christian Mehlmauer for reporting this issue. - compress/gzip: stack exhaustion in Reader.Read Calling Reader.Read on an archive containing a large number of concatenated 0-length compressed files can cause a panic due to stack exhaustion. This is CVE-2022-30631 and Go issue https://go.dev/issue/53168. - encoding/xml: stack exhaustion in Unmarshal Calling Unmarshal on a XML document into a Go struct which has a nested field that uses the any field tag can cause a panic due to stack exhaustion. This is CVE-2022-30633 and Go issue https://go.dev/issue/53611. - encoding/xml: stack exhaustion in Decoder.Skip Calling Decoder.Skip when parsing a deeply nested XML document can cause a panic due to stack exhaustion. The Go Security team discovered this issue, and it was independently reported by Juho Nurminen of Mattermost. This is CVE-2022-28131 and Go issue https://go.dev/issue/53614. - encoding/gob: stack exhaustion in Decoder.Decode Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is CVE-2022-30635 and Go issue https://go.dev/issue/53615. - path/filepath: stack exhaustion in Glob Calling Glob on a path which contains a large number of path separators can cause a panic due to stack exhaustion. Thanks to Juho Nurminen of Mattermost for reporting this issue. This is CVE-2022-30632 and Go issue https://go.dev/issue/53416. - io/fs: stack exhaustion in Glob Calling Glob on a path which contains a large number of path separators can cause a panic due to stack exhaustion. This is CVE-2022-30630 and Go issue https://go.dev/issue/53415. - go/parser: stack exhaustion in all Parse* functions Calling any of the Parse functions on Go source code which contains deeply nested types or declarations can cause a panic due to stack exhaustion. Thanks to Juho Nurminen of Mattermost for reporting this issue. This is CVE-2022-1962 and Go issue https://go.dev/issue/53616. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 34b8670b1a0e0890263b24c3d604445570905dbb) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- Dockerfile.e2e | 2 +- Dockerfile.simple | 2 +- Dockerfile.windows | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 49fdc6a2b25fd..ccfecd929dc98 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ ARG CROSS="false" ARG SYSTEMD="false" # IMPORTANT: When updating this please note that stdlib archive/tar pkg is vendored -ARG GO_VERSION=1.18.3 +ARG GO_VERSION=1.18.4 ARG DEBIAN_FRONTEND=noninteractive ARG VPNKIT_VERSION=0.5.0 ARG DOCKER_BUILDTAGS="apparmor seccomp" diff --git a/Dockerfile.e2e b/Dockerfile.e2e index 5509e6b1b1e13..4ea00b5cf7cba 100644 --- a/Dockerfile.e2e +++ b/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.18.3 +ARG GO_VERSION=1.18.4 FROM golang:${GO_VERSION}-alpine AS base ENV GO111MODULE=off diff --git a/Dockerfile.simple b/Dockerfile.simple index 8ac5449e20d0e..57aed3845b4ee 100644 --- a/Dockerfile.simple +++ b/Dockerfile.simple @@ -5,7 +5,7 @@ # This represents the bare minimum required to build and test Docker. -ARG GO_VERSION=1.18.3 +ARG GO_VERSION=1.18.4 FROM golang:${GO_VERSION}-buster ENV GO111MODULE=off diff --git a/Dockerfile.windows b/Dockerfile.windows index 7a284827a77a2..3ff87c7ed1d51 100644 --- a/Dockerfile.windows +++ b/Dockerfile.windows @@ -165,7 +165,7 @@ FROM microsoft/windowsservercore # Use PowerShell as the default shell SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -ARG GO_VERSION=1.18.3 +ARG GO_VERSION=1.18.4 ARG GOTESTSUM_VERSION=v1.7.0 # Environment variable notes: From 7ba8ca042cf855eecdcdd419221145f00056f057 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 3 Aug 2022 20:06:35 +0200 Subject: [PATCH 8/8] Update golang to 1.18.5 Update Go runtime to 1.18.5 to address CVE-2022-32189. Full diff: https://github.com/golang/go/compare/go1.18.4...go1.18.5 -------------------------------------------------------- From the security announcement: https://groups.google.com/g/golang-announce/c/YqYYG87xB10 We have just released Go versions 1.18.5 and 1.17.13, minor point releases. These minor releases include 1 security fixes following the security policy: encoding/gob & math/big: decoding big.Float and big.Rat can panic Decoding big.Float and big.Rat types can panic if the encoded message is too short. This is CVE-2022-32189 and Go issue https://go.dev/issue/53871. View the release notes for more information: https://go.dev/doc/devel/release#go1.18.5 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit f1d71f7cc3e5a394db078526dcffbdb64f0cac4e) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- Dockerfile.e2e | 2 +- Dockerfile.simple | 2 +- Dockerfile.windows | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index ccfecd929dc98..443346ff18b95 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ ARG CROSS="false" ARG SYSTEMD="false" # IMPORTANT: When updating this please note that stdlib archive/tar pkg is vendored -ARG GO_VERSION=1.18.4 +ARG GO_VERSION=1.18.5 ARG DEBIAN_FRONTEND=noninteractive ARG VPNKIT_VERSION=0.5.0 ARG DOCKER_BUILDTAGS="apparmor seccomp" diff --git a/Dockerfile.e2e b/Dockerfile.e2e index 4ea00b5cf7cba..7a40819139d8f 100644 --- a/Dockerfile.e2e +++ b/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.18.4 +ARG GO_VERSION=1.18.5 FROM golang:${GO_VERSION}-alpine AS base ENV GO111MODULE=off diff --git a/Dockerfile.simple b/Dockerfile.simple index 57aed3845b4ee..9856836675984 100644 --- a/Dockerfile.simple +++ b/Dockerfile.simple @@ -5,7 +5,7 @@ # This represents the bare minimum required to build and test Docker. -ARG GO_VERSION=1.18.4 +ARG GO_VERSION=1.18.5 FROM golang:${GO_VERSION}-buster ENV GO111MODULE=off diff --git a/Dockerfile.windows b/Dockerfile.windows index 3ff87c7ed1d51..08335ca9eac9c 100644 --- a/Dockerfile.windows +++ b/Dockerfile.windows @@ -165,7 +165,7 @@ FROM microsoft/windowsservercore # Use PowerShell as the default shell SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -ARG GO_VERSION=1.18.4 +ARG GO_VERSION=1.18.5 ARG GOTESTSUM_VERSION=v1.7.0 # Environment variable notes: