You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
strconv.ParseBool produces a detailed error message that points to the use of Golang.
I suggest to remove strconv.ParseBool string from the error message due to the security vulnerability.
The text was updated successfully, but these errors were encountered:
sean2Yi
changed the title
security:strconv.ParseBool produces a detailed error message that points to the use of Golang
proposal:strconv.ParseBool produces a detailed error message that points to the use of Golang
Jul 15, 2020
If you don't want this kind of detail to leak, intercept the error and print your own. But we certainly cannot change every single error the compiler, the runtime and the standard library packages print to make them not leak the fact that the binary was built using Go.
What version of Go are you using (
go version
)?What operating system and processor architecture are you using (
go env
)?go env
OutputWhat did you do?
What did you expect to see?
What did you see instead?
strconv.ParseBool produces a detailed error message that points to the use of Golang.
I suggest to remove strconv.ParseBool string from the error message due to the security vulnerability.
The text was updated successfully, but these errors were encountered: