clones/go
1
0
Fork 0
mirror of https://github.com/golang/go.git synced 2024-09-23 11:29:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
The Go programming language
45,901 Commits 59 Branches 428 Tags 654 MiB
Go 93.8%
Assembly 5.7%
C 0.2%
Shell 0.1%
953d1feca9
Go to file
Roland Shoemaker 953d1feca9 all: introduce and use internal/execabs 
Introduces a wrapper around os/exec, internal/execabs, for use in
all commands. This wrapper prevents exec.LookPath and exec.Command from
running executables in the current directory.

All imports of os/exec in non-test files in cmd/ are replaced with
imports of internal/execabs.

This issue was reported by RyotaK.

Fixes CVE-2021-3115
Fixes #43783

Change-Id: I0423451a6e27ec1e1d6f3fe929ab1ef69145c08f
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/955304
Reviewed-by: Russ Cox <rsc@google.com>
Reviewed-by: Katie Hockman <katiehockman@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/284783
Run-TryBot: Roland Shoemaker <roland@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
Trust: Roland Shoemaker <roland@golang.org>
2021-01-21 19:10:18 +00:00
.github .github: add link to questions in ISSUE_TEMPLATE 2020-01-06 17:05:31 +00:00
api syscall: remove RtlGenRandom and move it into internal/syscall 2021-01-15 18:42:27 +00:00
doc doc: update editors.html for Go 1.16 2021-01-11 19:45:02 +00:00
lib/time lib/time, time/tzdata: update tzdata to 2020f 2020-12-30 22:51:30 +00:00
misc misc/cgo/testcarchive: remove special flags for Darwin/ARM 2020-12-30 22:39:59 +00:00
src all: introduce and use internal/execabs 2021-01-21 19:10:18 +00:00
test cmd/compile: require 'go 1.16' go.mod line for //go:embed 2021-01-19 20:07:52 +00:00
.gitattributes all: treat all files as binary, but check in .bat with CRLF 2020-06-08 15:31:43 +00:00
.gitignore .gitignore: ignore src/cmd/dist/dist 2017-10-28 21:55:49 +00:00
AUTHORS A+C: add Kush Patel (corporate CLA for Hootsuite Inc) 2020-07-08 00:10:44 +00:00
CONTRIBUTING.md all: restore changes from faulty merge/revert 2018-02-12 20:13:59 +00:00
CONTRIBUTORS CONTRIBUTORS: update for the Go 1.15 release 2020-08-10 21:51:48 +00:00
favicon.ico website: recreate 16px and 32px favicon 2016-08-25 15:43:32 +00:00
LICENSE doc: revert copyright date to 2009 2016-06-01 22:40:04 +00:00
PATENTS LICENSE: separate, change PATENTS text 2010-12-06 16:31:59 -05:00
README.md README: linkify some paths 2018-06-06 18:07:01 +00:00
robots.txt godoc: serve robots.txt raw 2011-02-19 05:46:20 +11:00
SECURITY.md SECURITY.md: update go versions 2019-09-26 15:34:57 +00:00

README.md

The Go Programming Language

Go is an open source programming language that makes it easy to build simple, reliable, and efficient software.

Gopher image Gopher image by Renee French, licensed under Creative Commons 3.0 Attributions license.

Our canonical Git repository is located at https://go.googlesource.com/go. There is a mirror of the repository at https://github.com/golang/go.

Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.

Download and Install

Binary Distributions

Official binary distributions are available at https://golang.org/dl/.

After downloading a binary release, visit https://golang.org/doc/install or load doc/install.html in your web browser for installation instructions.

Install From Source

If a binary distribution is not available for your combination of operating system and architecture, visit https://golang.org/doc/install/source or load doc/install-source.html in your web browser for source installation instructions.

Contributing

Go is the work of thousands of contributors. We appreciate your help!

To contribute, please read the contribution guidelines: https://golang.org/doc/contribute.html

Note that the Go project uses the issue tracker for bug reports and proposals only. See https://golang.org/wiki/Questions for a list of places to ask questions about the Go language.