libgo patch committed: Update to 1.6.1 release

libgo patch committed: Update to 1.6.1 release

[Ian Lance Taylor]

[-- Attachment #1: Type: text/plain, Size: 348 bytes --]

This patch updates libgo to the 1.6.1 release.  This is a minor
release that just fixes a couple of bugs with potential security
implications (see
https://github.com/golang/go/issues?utf8=%E2%9C%93&q=is%3Aopen+is%3Aissue+milestone%3AGo1.6.1
for more details).  Bootstrapped and ran Go testsuite on
x86_64-pc-linux-gnu.  Committed to mainline.

Ian

[-- Attachment #2: patch.txt --]
[-- Type: text/plain, Size: 9510 bytes --]

Index: gcc/go/gofrontend/MERGE
===================================================================
--- gcc/go/gofrontend/MERGE	(revision 234923)
+++ gcc/go/gofrontend/MERGE	(working copy)
@@ -1,4 +1,4 @@
-8e7b5e777333fa4cd070d96e94ea82e3e1132739
+ff29ea8e4e69eb94958aef4388da09a61b2b52b6
 
 The first line of this file holds the git revision number of the last
 merge done from the gofrontend repository.
Index: libgo/MERGE
===================================================================
--- libgo/MERGE	(revision 234304)
+++ libgo/MERGE	(working copy)
@@ -1,4 +1,4 @@
-7bc40ffb05d8813bf9b41a331b45d37216f9e747
+f5cf5673590a68c55b2330df9dfcdd6fac75b893
 
 The first line of this file holds the git revision number of the
 last merge done from the master library sources.
Index: libgo/VERSION
===================================================================
--- libgo/VERSION	(revision 234304)
+++ libgo/VERSION	(working copy)
@@ -1 +1 @@
-go1.6
\ No newline at end of file
+go1.6.1
\ No newline at end of file
Index: libgo/go/crypto/dsa/dsa.go
===================================================================
--- libgo/go/crypto/dsa/dsa.go	(revision 234304)
+++ libgo/go/crypto/dsa/dsa.go	(working copy)
@@ -249,6 +249,10 @@ func Sign(rand io.Reader, priv *PrivateK
 func Verify(pub *PublicKey, hash []byte, r, s *big.Int) bool {
 	// FIPS 186-3, section 4.7
 
+	if pub.P.Sign() == 0 {
+		return false
+	}
+
 	if r.Sign() < 1 || r.Cmp(pub.Q) >= 0 {
 		return false
 	}
Index: libgo/go/crypto/ecdsa/ecdsa.go
===================================================================
--- libgo/go/crypto/ecdsa/ecdsa.go	(revision 234304)
+++ libgo/go/crypto/ecdsa/ecdsa.go	(working copy)
@@ -23,6 +23,7 @@ import (
 	"crypto/elliptic"
 	"crypto/sha512"
 	"encoding/asn1"
+	"errors"
 	"io"
 	"math/big"
 )
@@ -140,6 +141,8 @@ func fermatInverse(k, N *big.Int) *big.I
 	return new(big.Int).Exp(k, nMinus2, N)
 }
 
+var errZeroParam = errors.New("zero parameter")
+
 // Sign signs an arbitrary length hash (which should be the result of hashing a
 // larger message) using the private key, priv. It returns the signature as a
 // pair of integers. The security of the private key depends on the entropy of
@@ -180,7 +183,9 @@ func Sign(rand io.Reader, priv *PrivateK
 	// See [NSA] 3.4.1
 	c := priv.PublicKey.Curve
 	N := c.Params().N
-
+	if N.Sign() == 0 {
+		return nil, nil, errZeroParam
+	}
 	var k, kInv *big.Int
 	for {
 		for {
@@ -193,7 +198,7 @@ func Sign(rand io.Reader, priv *PrivateK
 			if in, ok := priv.Curve.(invertible); ok {
 				kInv = in.Inverse(k)
 			} else {
-				kInv = fermatInverse(k, N)
+				kInv = fermatInverse(k, N) // N != 0
 			}
 
 			r, _ = priv.Curve.ScalarBaseMult(k.Bytes())
@@ -207,7 +212,7 @@ func Sign(rand io.Reader, priv *PrivateK
 		s = new(big.Int).Mul(priv.D, r)
 		s.Add(s, e)
 		s.Mul(s, kInv)
-		s.Mod(s, N)
+		s.Mod(s, N) // N != 0
 		if s.Sign() != 0 {
 			break
 		}
Index: libgo/go/crypto/rsa/rsa.go
===================================================================
--- libgo/go/crypto/rsa/rsa.go	(revision 234304)
+++ libgo/go/crypto/rsa/rsa.go	(working copy)
@@ -465,6 +465,9 @@ func decrypt(random io.Reader, priv *Pri
 		err = ErrDecryption
 		return
 	}
+	if priv.N.Sign() == 0 {
+		return nil, ErrDecryption
+	}
 
 	var ir *big.Int
 	if random != nil {
@@ -490,7 +493,7 @@ func decrypt(random io.Reader, priv *Pri
 			}
 		}
 		bigE := big.NewInt(int64(priv.E))
-		rpowe := new(big.Int).Exp(r, bigE, priv.N)
+		rpowe := new(big.Int).Exp(r, bigE, priv.N) // N != 0
 		cCopy := new(big.Int).Set(c)
 		cCopy.Mul(cCopy, rpowe)
 		cCopy.Mod(cCopy, priv.N)
Index: libgo/go/go/build/deps_test.go
===================================================================
--- libgo/go/go/build/deps_test.go	(revision 234304)
+++ libgo/go/go/build/deps_test.go	(working copy)
@@ -132,10 +132,10 @@ var pkgDeps = map[string][]string{
 	// End of linear dependency definitions.
 
 	// Operating system access.
-	"syscall":                           {"L0", "internal/race", "unicode/utf16"},
+	"syscall":                           {"L0", "internal/race", "internal/syscall/windows/sysdll", "unicode/utf16"},
 	"internal/syscall/unix":             {"L0", "syscall"},
-	"internal/syscall/windows":          {"L0", "syscall"},
-	"internal/syscall/windows/registry": {"L0", "syscall", "unicode/utf16"},
+	"internal/syscall/windows":          {"L0", "syscall", "internal/syscall/windows/sysdll"},
+	"internal/syscall/windows/registry": {"L0", "syscall", "internal/syscall/windows/sysdll", "unicode/utf16"},
 	"time":          {"L0", "syscall", "internal/syscall/windows/registry"},
 	"os":            {"L1", "os", "syscall", "time", "internal/syscall/windows"},
 	"path/filepath": {"L2", "os", "syscall"},
Index: libgo/go/internal/syscall/windows/registry/syscall.go
===================================================================
--- libgo/go/internal/syscall/windows/registry/syscall.go	(revision 234304)
+++ libgo/go/internal/syscall/windows/registry/syscall.go	(working copy)
@@ -8,7 +8,7 @@ package registry
 
 import "syscall"
 
-//go:generate go run $GOROOT/src/syscall/mksyscall_windows.go -output zsyscall_windows.go syscall.go
+//go:generate go run $GOROOT/src/syscall/mksyscall_windows.go -output zsyscall_windows.go -systemdll syscall.go
 
 const (
 	_REG_OPTION_NON_VOLATILE = 0
Index: libgo/go/internal/syscall/windows/registry/zsyscall_windows.go
===================================================================
--- libgo/go/internal/syscall/windows/registry/zsyscall_windows.go	(revision 234304)
+++ libgo/go/internal/syscall/windows/registry/zsyscall_windows.go	(working copy)
@@ -4,12 +4,13 @@ package registry
 
 import "unsafe"
 import "syscall"
+import "internal/syscall/windows/sysdll"
 
 var _ unsafe.Pointer
 
 var (
-	modadvapi32 = syscall.NewLazyDLL("advapi32.dll")
-	modkernel32 = syscall.NewLazyDLL("kernel32.dll")
+	modadvapi32 = syscall.NewLazyDLL(sysdll.Add("advapi32.dll"))
+	modkernel32 = syscall.NewLazyDLL(sysdll.Add("kernel32.dll"))
 
 	procRegCreateKeyExW           = modadvapi32.NewProc("RegCreateKeyExW")
 	procRegDeleteKeyW             = modadvapi32.NewProc("RegDeleteKeyW")
Index: libgo/go/internal/syscall/windows/syscall_windows.go
===================================================================
--- libgo/go/internal/syscall/windows/syscall_windows.go	(revision 234304)
+++ libgo/go/internal/syscall/windows/syscall_windows.go	(working copy)
@@ -6,7 +6,7 @@ package windows
 
 import "syscall"
 
-//go:generate go run ../../../syscall/mksyscall_windows.go -output zsyscall_windows.go syscall_windows.go
+//go:generate go run ../../../syscall/mksyscall_windows.go -output zsyscall_windows.go -systemdll syscall_windows.go
 
 const GAA_FLAG_INCLUDE_PREFIX = 0x00000010
 
Index: libgo/go/internal/syscall/windows/sysdll/sysdll.go
===================================================================
--- libgo/go/internal/syscall/windows/sysdll/sysdll.go	(revision 0)
+++ libgo/go/internal/syscall/windows/sysdll/sysdll.go	(working copy)
@@ -0,0 +1,28 @@
+// Copyright 2016 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package sysdll is an internal leaf package that records and reports
+// which Windows DLL names are used by Go itself. These DLLs are then
+// only loaded from the System32 directory. See Issue 14959.
+package sysdll
+
+// IsSystemDLL reports whether the named dll key (a base name, like
+// "foo.dll") is a system DLL which should only be loaded from the
+// Windows SYSTEM32 directory.
+//
+// Filenames are case sensitive, but that doesn't matter because
+// the case registered with Add is also the same case used with
+// LoadDLL later.
+//
+// It has no associated mutex and should only be mutated serially
+// (currently: during init), and not concurrent with DLL loading.
+var IsSystemDLL = map[string]bool{}
+
+// Add notes that dll is a system32 DLL which should only be loaded
+// from the Windows SYSTEM32 directory. It returns its argument back,
+// for ease of use in generated code.
+func Add(dll string) string {
+	IsSystemDLL[dll] = true
+	return dll
+}
Index: libgo/go/internal/syscall/windows/zsyscall_windows.go
===================================================================
--- libgo/go/internal/syscall/windows/zsyscall_windows.go	(revision 234304)
+++ libgo/go/internal/syscall/windows/zsyscall_windows.go	(working copy)
@@ -4,12 +4,13 @@ package windows
 
 import "unsafe"
 import "syscall"
+import "internal/syscall/windows/sysdll"
 
 var _ unsafe.Pointer
 
 var (
-	modiphlpapi = syscall.NewLazyDLL("iphlpapi.dll")
-	modkernel32 = syscall.NewLazyDLL("kernel32.dll")
+	modiphlpapi = syscall.NewLazyDLL(sysdll.Add("iphlpapi.dll"))
+	modkernel32 = syscall.NewLazyDLL(sysdll.Add("kernel32.dll"))
 
 	procGetAdaptersAddresses = modiphlpapi.NewProc("GetAdaptersAddresses")
 	procGetComputerNameExW   = modkernel32.NewProc("GetComputerNameExW")
Index: libgo/go/runtime/export_windows_test.go
===================================================================
--- libgo/go/runtime/export_windows_test.go	(revision 234304)
+++ libgo/go/runtime/export_windows_test.go	(working copy)
@@ -15,3 +15,7 @@ func NumberOfProcessors() int32 {
 	stdcall1(_GetSystemInfo, uintptr(unsafe.Pointer(&info)))
 	return int32(info.dwnumberofprocessors)
 }
+
+func LoadLibraryExStatus() (useEx, haveEx, haveFlags bool) {
+	return useLoadLibraryEx, _LoadLibraryExW != nil, _AddDllDirectory != nil
+}