all: update vendored dependencies

Generated with x/build/cmd/updatestd. Updates #36905. Change-Id: Iecd76e820c5f40a0f5e013684f7e7bef4c3fd482 Reviewed-on: https://go-review.googlesource.com/c/go/+/498598 Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org>
author: Matthew Dempsky <mdempsky@google.com> 2023-05-26 14:34:56 -0700
committer: Gopher Robot <gobot@golang.org> 2023-05-26 22:45:40 +0000
commit: 260a9b0a079935744df6a17d0e1d185a9d50631d (patch)
tree: 1c1d2ec55d2c713b2dc837af58b68e064141cf19 /src/vendor
parent: 699a6bfbfcb20fe93c64818e86ffea699595ea6b (diff)
download: go-260a9b0a079935744df6a17d0e1d185a9d50631d.tar.gz
go-260a9b0a079935744df6a17d0e1d185a9d50631d.zip
4 files changed, 35 insertions, 12 deletions
diff --git a/src/vendor/golang.org/x/crypto/cryptobyte/asn1.go b/src/vendor/golang.org/x/crypto/cryptobyte/asn1.go
index 3141a7f1b9..6fc2838a3f 100644
--- a/src/vendor/golang.org/x/crypto/cryptobyte/asn1.go
+++ b/src/vendor/golang.org/x/crypto/cryptobyte/asn1.go
@@ -431,6 +431,14 @@ func (s *String) readBase128Int(out *int) bool {
 		}
 		ret <<= 7
 		b := s.read(1)[0]
+
+		// ITU-T X.690, section 8.19.2:
+		// The subidentifier shall be encoded in the fewest possible octets,
+		// that is, the leading octet of the subidentifier shall not have the value 0x80.
+		if i == 0 && b == 0x80 {
+			return false
+		}
+
 		ret |= int(b & 0x7f)
 		if b&0x80 == 0 {
 			*out = ret
diff --git a/src/vendor/golang.org/x/net/dns/dnsmessage/message.go b/src/vendor/golang.org/x/net/dns/dnsmessage/message.go
index ffdf19d5d3..1577d4a19d 100644
--- a/src/vendor/golang.org/x/net/dns/dnsmessage/message.go
+++ b/src/vendor/golang.org/x/net/dns/dnsmessage/message.go
@@ -260,9 +260,11 @@ var (
 	errReserved           = errors.New("segment prefix is reserved")
 	errTooManyPtr         = errors.New("too many pointers (>10)")
 	errInvalidPtr         = errors.New("invalid pointer")
+	errInvalidName        = errors.New("invalid dns name")
 	errNilResouceBody     = errors.New("nil resource body")
 	errResourceLen        = errors.New("insufficient data for resource body length")
 	errSegTooLong         = errors.New("segment length too long")
+	errNameTooLong        = errors.New("name too long")
 	errZeroSegLen         = errors.New("zero length segment")
 	errResTooLong         = errors.New("resource length too long")
 	errTooManyQuestions   = errors.New("too many Questions to pack (>65535)")
@@ -1728,7 +1730,7 @@ const (
 //
 // The provided extRCode must be an extended RCode.
 func (h *ResourceHeader) SetEDNS0(udpPayloadLen int, extRCode RCode, dnssecOK bool) error {
-	h.Name = Name{Data: [nameLen]byte{'.'}, Length: 1} // RFC 6891 section 6.1.2
+	h.Name = Name{Data: [255]byte{'.'}, Length: 1} // RFC 6891 section 6.1.2
 	h.Type = TypeOPT
 	h.Class = Class(udpPayloadLen)
 	h.TTL = uint32(extRCode) >> 4 << 24
@@ -1888,21 +1890,21 @@ func unpackBytes(msg []byte, off int, field []byte) (int, error) {
 	return newOff, nil
 }
 
-const nameLen = 255
+const nonEncodedNameMax = 254
 
 // A Name is a non-encoded domain name. It is used instead of strings to avoid
 // allocations.
 type Name struct {
-	Data   [nameLen]byte // 255 bytes
+	Data   [255]byte
 	Length uint8
 }
 
 // NewName creates a new Name from a string.
 func NewName(name string) (Name, error) {
-	if len(name) > nameLen {
+	n := Name{Length: uint8(len(name))}
+	if len(name) > len(n.Data) {
 		return Name{}, errCalcLen
 	}
-	n := Name{Length: uint8(len(name))}
 	copy(n.Data[:], name)
 	return n, nil
 }
@@ -1936,6 +1938,10 @@ func (n *Name) GoString() string {
 func (n *Name) pack(msg []byte, compression map[string]int, compressionOff int) ([]byte, error) {
 	oldMsg := msg
 
+	if n.Length > nonEncodedNameMax {
+		return nil, errNameTooLong
+	}
+
 	// Add a trailing dot to canonicalize name.
 	if n.Length == 0 || n.Data[n.Length-1] != '.' {
 		return oldMsg, errNonCanonicalName
@@ -2029,6 +2035,15 @@ Loop:
 			if endOff > len(msg) {
 				return off, errCalcLen
 			}
+
+			// Reject names containing dots.
+			// See issue golang/go#56246
+			for _, v := range msg[currOff:endOff] {
+				if v == '.' {
+					return off, errInvalidName
+				}
+			}
+
 			name = append(name, msg[currOff:endOff]...)
 			name = append(name, '.')
 			currOff = endOff
@@ -2057,8 +2072,8 @@ Loop:
 	if len(name) == 0 {
 		name = append(name, '.')
 	}
-	if len(name) > len(n.Data) {
-		return off, errCalcLen
+	if len(name) > nonEncodedNameMax {
+		return off, errNameTooLong
 	}
 	n.Length = uint8(len(name))
 	if ptr == 0 {
diff --git a/src/vendor/golang.org/x/sys/cpu/endian_little.go b/src/vendor/golang.org/x/sys/cpu/endian_little.go
index fe545966b6..55db853efb 100644
--- a/src/vendor/golang.org/x/sys/cpu/endian_little.go
+++ b/src/vendor/golang.org/x/sys/cpu/endian_little.go
@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build 386 || amd64 || amd64p32 || alpha || arm || arm64 || loong64 || mipsle || mips64le || mips64p32le || nios2 || ppc64le || riscv || riscv64 || sh
-// +build 386 amd64 amd64p32 alpha arm arm64 loong64 mipsle mips64le mips64p32le nios2 ppc64le riscv riscv64 sh
+//go:build 386 || amd64 || amd64p32 || alpha || arm || arm64 || loong64 || mipsle || mips64le || mips64p32le || nios2 || ppc64le || riscv || riscv64 || sh || wasm
+// +build 386 amd64 amd64p32 alpha arm arm64 loong64 mipsle mips64le mips64p32le nios2 ppc64le riscv riscv64 sh wasm
 
 package cpu
 
diff --git a/src/vendor/modules.txt b/src/vendor/modules.txt
index fd49affcf4..c084ed85da 100644
--- a/src/vendor/modules.txt
+++ b/src/vendor/modules.txt
@@ -1,4 +1,4 @@
-# golang.org/x/crypto v0.5.1-0.20230203195927-310bfa40f1e4
+# golang.org/x/crypto v0.9.0
 ## explicit; go 1.17
 golang.org/x/crypto/chacha20
 golang.org/x/crypto/chacha20poly1305
@@ -7,7 +7,7 @@ golang.org/x/crypto/cryptobyte/asn1
 golang.org/x/crypto/hkdf
 golang.org/x/crypto/internal/alias
 golang.org/x/crypto/internal/poly1305
-# golang.org/x/net v0.10.0
+# golang.org/x/net v0.10.1-0.20230525180353-f7250ea19d21
 ## explicit; go 1.17
 golang.org/x/net/dns/dnsmessage
 golang.org/x/net/http/httpguts
@@ -17,7 +17,7 @@ golang.org/x/net/idna
 golang.org/x/net/lif
 golang.org/x/net/nettest
 golang.org/x/net/route
-# golang.org/x/sys v0.8.0
+# golang.org/x/sys v0.8.1-0.20230523194307-b5c7a0975ddc
 ## explicit; go 1.17
 golang.org/x/sys/cpu
 # golang.org/x/text v0.9.0
author	Matthew Dempsky <mdempsky@google.com>	2023-05-26 14:34:56 -0700
committer	Gopher Robot <gobot@golang.org>	2023-05-26 22:45:40 +0000
commit	260a9b0a079935744df6a17d0e1d185a9d50631d (patch)
tree	1c1d2ec55d2c713b2dc837af58b68e064141cf19 /src/vendor
parent	699a6bfbfcb20fe93c64818e86ffea699595ea6b (diff)
download	go-260a9b0a079935744df6a17d0e1d185a9d50631d.tar.gz go-260a9b0a079935744df6a17d0e1d185a9d50631d.zip