On Fri, Oct 18, 2019 at 4:59 PM Anthony Martin <al...@pbrane.org> wrote: > > Katie Hockman <ka...@golang.org> once said: > > The Go 1.13.2 release also includes a fix to the compiler that prevents > > improper access to negative slice indexes in rare cases. Affected code, in > > which the compiler can prove that the index is zero or negative, would have > > resulted in a panic in Go 1.12.11, but could have led to arbitrary memory > > read and writes in Go 1.13 and Go 1.13.1. This is Go issue > > golang.org/issue/34802. > > Well that's not good. Maybe next time you should lead with the arbitrary > memory r/w instead of the comparatively minor nil-deref panic. I almost > missed it while skimming the end.
It's actually not clear whether that (relatively) arbitrary memory read can ever occur based on user data. You can write a program to cause it, but it can only happen if the compiler can (incorrectly) prove certain conditions, and that generally can't happen based on data that is not known at compile time. But we weren't completely sure, so we decided to incorporate the fix into the security release. Given that, I think the announcement had the correct priority order for security problems. Ian -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/CAOyqgcXY-978a5wD4G%3DVHaKJbjkwO6KtWryDPE0h4QkqjqaQgw%40mail.gmail.com.
