Skip to content

x/vuln: Binary mode not compatible with golang 1.21.0 #61936

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
scottso opened this issue Aug 10, 2023 · 4 comments
Closed

x/vuln: Binary mode not compatible with golang 1.21.0 #61936

scottso opened this issue Aug 10, 2023 · 4 comments
Assignees
@zpavlinovic
Labels
FrozenDueToAge NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. vulncheck or vulndb Issues for the x/vuln or x/vulndb repo
Milestone
vuln/unplanned

Comments

@scottso
Copy link

scottso commented Aug 10, 2023

What version of Go are you using (go version)?

$ go version
go version go1.21.0 linux/amd64

Does this issue reproduce at the latest version of golang.org/x/vuln?

Yes

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
GO111MODULE=''
GOARCH='amd64'
GOBIN=''
GOCACHE='/root/.cache/go-build'
GOENV='/root/.config/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFLAGS=''
GOHOSTARCH='amd64'
GOHOSTOS='linux'
GOINSECURE=''
GOMODCACHE='/go/pkg/mod'
GONOPROXY=''
GONOSUMDB=''
GOOS='linux'
GOPATH='/go'
GOPRIVATE=''
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/usr/local/go'
GOSUMDB='sum.golang.org'
GOTMPDIR=''
GOTOOLCHAIN='auto'
GOTOOLDIR='/usr/local/go/pkg/tool/linux_amd64'
GOVCS=''
GOVERSION='go1.21.0'
GCCGO='gccgo'
GOAMD64='v1'
AR='ar'
CC='gcc'
CXX='g++'
CGO_ENABLED='1'
GOMOD='/go/src/go.mod'
GOWORK=''
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
PKG_CONFIG='pkg-config'
GOGCCFLAGS='-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=/tmp/go-build195800328=/tmp/go-build -gno-record-gcc-switches'

What did you do?

$ govulncheck -mode=binary testme

Any binary built with golang 1.21.0 will express this error.

What did you expect to see?

Using govulncheck@v1.0.0 with vulnerability data from https://vuln.go.dev (last modified 2023-08-02 20:33:39 +0000 UTC).

Scanning your binary for known vulnerabilities...

No vulnerabilities found.

Share feedback at https://go.dev/s/govulncheck-feedback.

What did you see instead?

Using govulncheck@v1.0.0 with vulnerability data from https://vuln.go.dev (last modified 2023-08-02 20:33:39 +0000 UTC).

Scanning your binary for known vulnerabilities...

govulncheck: could not parse provided binary: binary built using unsupported Go version: "go1.21.0"
@scottso scottso added the vulncheck or vulndb Issues for the x/vuln or x/vulndb repo label Aug 10, 2023
@gopherbot gopherbot modified the milestones: Unreleased, vuln/unplanned Aug 10, 2023
@mknyszek mknyszek added the NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. label Aug 10, 2023
@mknyszek
Copy link
Contributor

CC @golang/vulndb

@zpavlinovic
Copy link
Contributor

zpavlinovic commented Aug 11, 2023
edited
Loading

Could you confirm that this is still an issue with the latest version of govulncheck? We had a relevant change just recently.

@corani
Copy link

corani commented Aug 14, 2023
edited
Loading

I'm seeing the same issue for all my projects. Latest master seems to work:

Using govulncheck@v1.0.1-0.20230811173009-242ecf7a366e with vulnerability data from https://vuln.go.dev (last modified 2023-08-11 01:41:48 +0000 UTC).

Scanning your binary for known vulnerabilities...

No vulnerabilities found.

@zpavlinovic Could you create a new tagged release?

@corani
Copy link

corani commented Aug 18, 2023

Confirmed fixed in v1.0.1. Thanks for the quick turnaround!

@zpavlinovic zpavlinovic self-assigned this Aug 18, 2023
@gabyhelp gabyhelp mentioned this issue Jul 1, 2024
Closed
@golang golang locked and limited conversation to collaborators Aug 17, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@zpavlinovic zpavlinovic

Labels
FrozenDueToAge NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. vulncheck or vulndb Issues for the x/vuln or x/vulndb repo
Projects
None yet
Milestone
vuln/unplanned
Development

No branches or pull requests
5 participants
@corani @zpavlinovic @mknyszek @scottso @gopherbot