sys/windows: update docs about secure way to load system DLLs #13
This is intended to be used by debuggers, to keep heap memory reachable even if it isn't referenced from anywhere else.

Change-Id: I1e900e02b4fe3a188f8173cec70f8de32122489b
Reviewed-on: https://go-review.googlesource.com/c/go/+/682875
Reviewed-by: abner chenc <[email protected]>
Reviewed-by: Mark Freeman <[email protected]>
Reviewed-by: Michael Knyszek <[email protected]>
LUCI-TryBot-Result: Go LUCI <[email protected]>

Go asm syntax:
	VMOVQ offset(Rj), Vd.<T>
	XVMOVQ offset(Rj), Xd.<T>

<T> can have the following values: B16, H8, W4, V2, B32, H16, W8, V4

Change-Id: I44af51d58bb62649d3fe360b3abb771565e78a8a
Reviewed-on: https://go-review.googlesource.com/c/go/+/682895
Reviewed-by: abner chenc <[email protected]>
Reviewed-by: Michael Knyszek <[email protected]>
Reviewed-by: Meidan Li <[email protected]>
LUCI-TryBot-Result: Go LUCI <[email protected]>
Reviewed-by: Mark Freeman <[email protected]>

Change-Id: Iba6bb7f8252120f56d7e6ae49c9edc9382e8c7e0
Reviewed-on: https://go-review.googlesource.com/c/go/+/679855
Reviewed-by: abner chenc <[email protected]>
LUCI-TryBot-Result: Go LUCI <[email protected]>
Reviewed-by: Mark Freeman <[email protected]>
Reviewed-by: Michael Knyszek <[email protected]>

…D} instructions support

Go asm syntax:
	V{BITCLR/BITSET/BITREV}{B/H/W/V} $1, V2, V3
	XV{BITCLR/BITSET/BITREV}{B/H/W/V} $1, X2, X3
	V{BITCLR/BITSET/BITREV}{B/H/W/V} VK, VJ, VD
	XV{BITCLR/BITSET/BITREV}{B/H/W/V} XK, XJ, XD

Equivalent platform assembler syntax:
	v{bitclr/bitset/bitrev}i.{b/h/w/d} v3, v2, $1
	xv{bitclr/bitset/bitrev}i.{b/h/w/d} x3, x2, $1
	v{bitclr/bitset/bitrev}.{b/h/w/d} vd, vj, vk
	xv{bitclr/bitset/bitrev}.{b/h/w/d} xd, xj, xk

Change-Id: I244f8ae316f72cc7ea01ca0139ac78c5616a3c5b
Reviewed-on: https://go-review.googlesource.com/c/go/+/677435
Reviewed-by: Cherry Mui <[email protected]>
LUCI-TryBot-Result: Go LUCI <[email protected]>
Reviewed-by: abner chenc <[email protected]>
Reviewed-by: Mark Freeman <[email protected]>

A test in C has an array bound defined as a "const int", which is technically a variable. The new version of C compiler in Xcode 26 beta emits a warning "variable length array folded to constant array as an extension" for this (as an error since we build the test with -Werror). Work around this by using an enum, which is syntactically a constant.

Change-Id: Icfa943f293f6eac8f41d0615da40c126330d7d11
Reviewed-on: https://go-review.googlesource.com/c/go/+/692877
LUCI-TryBot-Result: Go LUCI <[email protected]>
Reviewed-by: Michael Pratt <[email protected]>

The logic in safePos is wrong, since (*token.File).Offset does not panic, so this function was basically a noop (since CL 559436).

To work properly it would have to be:

	return p.file.Pos(p.file.Offset(pos))

Since it effectively acts as a no-op and hasn't been noticed since, let's go ahead and remove it.

Change-Id: I00a1bcc5af6a996c63de3f1175c15062e85cf89b
Reviewed-on: https://go-review.googlesource.com/c/go/+/692955
LUCI-TryBot-Result: Go LUCI <[email protected]>
Commit-Queue: Alan Donovan <[email protected]>
Auto-Submit: Alan Donovan <[email protected]>
Reviewed-by: Alan Donovan <[email protected]>
Reviewed-by: Robert Findley <[email protected]>

Change-Id: Idd9eaf051aa57f7fef7049c12085926030c35d70
Reviewed-on: https://go-review.googlesource.com/c/go/+/682401
Reviewed-by: Mark Freeman <[email protected]>
Reviewed-by: Keith Randall <[email protected]>
Reviewed-by: Joel Sing <[email protected]>
LUCI-TryBot-Result: Go LUCI <[email protected]>

Change-Id: I86ed1a60165b729bb88a8a418da0ea1b59b3dc10
Reviewed-on: https://go-review.googlesource.com/c/go/+/682499
LUCI-TryBot-Result: Go LUCI <[email protected]>
Reviewed-by: Mauri de Souza Meneguzzo <[email protected]>
Reviewed-by: Keith Randall <[email protected]>
Reviewed-by: Michael Munday <[email protected]>
Reviewed-by: Mark Freeman <[email protected]>

🔍 This pull request has been sent to HackerOne's PullRequest review team because our automation detected one or more changes with potential security impact or requires further evaluation. Experts are now being assigned to this review based on relevant expertise and will validate or dismiss any security findings accordingly and post their feedback as comments within this pull request.

⏱️ Latest scan covered changes up to commit 384b795 (latest)

Check the status or cancel this secure code review here.
Before this change, the documentation of the `syscall.LazyDLL` states to use `windows.LazyDLL` for secure loading of system DLLs. However, the use of the `windows.LazyDLL` structure is only secure (not vulnerable to DLL preloading/injection attacks) if the user creates the object through the `windows.NewLazySystemDLL` function or if they use `windows.NewLazyDLL` with an absolute path.

Given all this, I think it is better to point to `windows.NewLazySystemDLL` function instead of the `windows.LazyDLL` structure in the `syscall.LazyDLL` documentation.

🔄 This is a mirror of upstream PR #74284
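
An added example, not part of this PR or of the Go tree: a small `go/ast` lint that accepts the two forms the description names as secure (`windows.NewLazySystemDLL`, and `windows.NewLazyDLL` with an absolute path) and flags the other `NewLazyDLL` calls. The sample source, the `audit` and `absLit` names, and the conservative choice to flag every `syscall.NewLazyDLL` call are assumptions of this example.

```go
package main

import (
	"fmt"
	"go/ast"
	"go/parser"
	"go/token"
	"go/types"
	"strconv"
)

// sample is constructed input for this example, not code from the Go tree.
const sample = `package p
import ("syscall"; "golang.org/x/sys/windows")
var a = syscall.NewLazyDLL("version.dll")
var b = windows.NewLazyDLL("version.dll")
var c = windows.NewLazyDLL("C:\\Windows\\System32\\version.dll")
var d = windows.NewLazySystemDLL("version.dll")
`

// absLit reports whether a Go string literal spells a drive-letter absolute path.
func absLit(lit string) bool {
	p, err := strconv.Unquote(lit)
	return err == nil && len(p) >= 3 && p[1] == ':' && (p[2] == '\\' || p[2] == '/')
}

// audit flags NewLazyDLL calls the description does not list as secure (default import names assumed).
func audit(src string) ([]string, error) {
	fset := token.NewFileSet()
	f, err := parser.ParseFile(fset, "sample.go", src, 0)
	if err != nil {
		return nil, err
	}
	var out []string
	ast.Inspect(f, func(n ast.Node) bool {
		if call, ok := n.(*ast.CallExpr); ok && len(call.Args) == 1 {
			name := types.ExprString(call.Fun) // e.g. "windows.NewLazyDLL"
			lit, isLit := call.Args[0].(*ast.BasicLit)
			switch {
			case name == "windows.NewLazyDLL" && isLit && absLit(lit.Value): // absolute path: accepted
			case name == "windows.NewLazyDLL", name == "syscall.NewLazyDLL":
				out = append(out, fmt.Sprintf("line %d: %s", fset.Position(call.Pos()).Line, name))
			}
		}
		return true
	})
	return out, nil
}

func main() { fmt.Println(audit(sample)) }
```

A path passed as a variable or built at run time is flagged too, since the lint only trusts a literal it can read.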