New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
syscall: ntdll.dll errors in rtlGetNtVersionNumbers via os.StartProcess [1.16 backport] #49867
Comments
Approved as a serious problem without a workaround per discussion in a release meeting. Go 1.17 and 1.16 are both getting this fix. |
@dmitshur Does the security team need to be informed about this, regarding #49731 (comment)? |
@zx2c4 If you believe an existing issue should be treated as security-related, please take a look at https://go.dev/security#flagging. Thanks. |
Change https://golang.org/cl/368356 mentions this issue: |
Closed by merging f2b0149 to release-branch.go1.16. |
…alive to prevent GC When syscall's DLL.FindProc calls into syscall_getprocaddress with a byte slice pointer, we need to keep those bytes alive. Otherwise the GC will collect the allocation, and we wind up calling `GetProcAddress` on garbage, which showed up as various flakes in the builders. It turns out that this problem extends to many uses of //go:cgo_unsafe_args throughout, on all platforms. So this patch fixes the issue by keeping non-integer pointer arguments alive through their invocation in //go:cgo_unsafe_args functions. Fixes #49867. Updates #49731. Change-Id: I93e4fbc2e8e210cb3fc53149708758bb33f2f9c7 Reviewed-on: https://go-review.googlesource.com/c/go/+/368356 Trust: Jason A. Donenfeld <Jason@zx2c4.com> Run-TryBot: Jason A. Donenfeld <Jason@zx2c4.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Michael Knyszek <mknyszek@google.com>
@zx2c4 requested issue #49731 to be considered for backport to the next 1.16 minor release.
The text was updated successfully, but these errors were encountered: