diff options
| author | Ian Lance Taylor <iant@golang.org> | 2018-02-14 18:04:54 -0800 |
|---|---|---|
| committer | Andrew Bonventre <andybons@golang.org> | 2018-02-16 00:48:11 +0000 |
| commit | c622ec556b0798d5696ec97a5e180c035dea392b (patch) | |
| tree | bfbc9f1ade4e2b4aa18d6f79d2b5063a252ae266 | |
| parent | 07a153e0a43a2945150dd448dab226ecc3a1e265 (diff) | |
| download | go-c622ec556b0798d5696ec97a5e180c035dea392b.tar.gz go-c622ec556b0798d5696ec97a5e180c035dea392b.zip | |
[release-branch.go1.10] doc: add note about invalid flag errors to 1.10 release notes
Updates #23672
Updates #23749
Change-Id: I85b6493bd1e4095398508b7ef395c35463dfbde1
Reviewed-on: https://go-review.googlesource.com/94158
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Andrew Bonventre <andybons@golang.org>
(cherry picked from commit f2354d0aacdd5ce1952c5441c6a489378ccb7656)
Reviewed-on: https://go-review.googlesource.com/94655
| -rw-r--r-- | doc/go1.10.html | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/doc/go1.10.html b/doc/go1.10.html index a6e186fb73..4c0e847c05 100644 --- a/doc/go1.10.html +++ b/doc/go1.10.html @@ -30,6 +30,10 @@ adds <a href="#test">caching of successful test results</a>, runs <a href="#test-vet">vet automatically during tests</a>, and permits <a href="#cgo">passing string values directly between Go and C using cgo</a>. +A new <a href="#cgo">compiler option whitelist</a> may cause +unexpected <a href="https://golang.org/s/invalidflag"><code>invalid +flag</code></a> errors in code that built successfully with older +releases. </p> <h2 id="language">Changes to the language</h2> @@ -262,6 +266,18 @@ and the <a href="/cmd/test2json/">test2json documentation</a>. <h3 id="cgo">Cgo</h3> <p> +Options specified by cgo using <code>#cgo CFLAGS</code> and the like +are now checked against a whitelist of permitted options. +This closes a security hole in which a downloaded package uses +compiler options like +<span style="white-space: nowrap"><code>-fplugin</code></span> +to run arbitrary code on the machine where it is being built. +This can cause a build error such as <code>invalid flag in #cgo CFLAGS</code>. +For more background, and how to handle this error, see +<a href="https://golang.org/s/invalidflag">https://golang.org/s/invalidflag</a>. +</p> + +<p> Cgo now implements a C typedef like “<code>typedef</code> <code>X</code> <code>Y</code>” using a Go type alias, so that Go code may use the types <code>C.X</code> and <code>C.Y</code> interchangeably. It also now supports the use of niladic function-like macros. |