go.mod: upgrade glog
github.com/golang/glog 1.2.2 is reported to be vulnerable, so we'll upgrade to 1.2.4.
This commit is contained in:
Florian Schüller
Florian Schüller
parent
4bffb70afe
commit
85ce08cad9
7 changed files with 73 additions and 22 deletions
2
vendor/github.com/golang/glog/glog.go
generated
vendored
2
vendor/github.com/golang/glog/glog.go
generated
vendored
|
|
@ -76,7 +76,7 @@
|
|||
// -log_backtrace_at=gopherflakes.go:234
|
||||
// A stack trace will be written to the Info log whenever execution
|
||||
// hits one of these statements. (Unlike with -vmodule, the ".go"
|
||||
// must bepresent.)
|
||||
// must be present.)
|
||||
// -v=0
|
||||
// Enable V-leveled logging at the specified level.
|
||||
// -vmodule=""
|
||||
|
|
|
|||
65
vendor/github.com/golang/glog/glog_file.go
generated
vendored
65
vendor/github.com/golang/glog/glog_file.go
generated
vendored
|
|
@ -116,32 +116,53 @@ var onceLogDirs sync.Once
|
|||
// contains tag ("INFO", "FATAL", etc.) and t. If the file is created
|
||||
// successfully, create also attempts to update the symlink for that tag, ignoring
|
||||
// errors.
|
||||
func create(tag string, t time.Time) (f *os.File, filename string, err error) {
|
||||
func create(tag string, t time.Time, dir string) (f *os.File, filename string, err error) {
|
||||
if dir != "" {
|
||||
f, name, err := createInDir(dir, tag, t)
|
||||
if err == nil {
|
||||
return f, name, err
|
||||
}
|
||||
return nil, "", fmt.Errorf("log: cannot create log: %v", err)
|
||||
}
|
||||
|
||||
onceLogDirs.Do(createLogDirs)
|
||||
if len(logDirs) == 0 {
|
||||
return nil, "", errors.New("log: no log dirs")
|
||||
}
|
||||
name, link := logName(tag, t)
|
||||
var lastErr error
|
||||
for _, dir := range logDirs {
|
||||
fname := filepath.Join(dir, name)
|
||||
f, err := os.Create(fname)
|
||||
f, name, err := createInDir(dir, tag, t)
|
||||
if err == nil {
|
||||
symlink := filepath.Join(dir, link)
|
||||
os.Remove(symlink) // ignore err
|
||||
os.Symlink(name, symlink) // ignore err
|
||||
if *logLink != "" {
|
||||
lsymlink := filepath.Join(*logLink, link)
|
||||
os.Remove(lsymlink) // ignore err
|
||||
os.Symlink(fname, lsymlink) // ignore err
|
||||
}
|
||||
return f, fname, nil
|
||||
return f, name, err
|
||||
}
|
||||
lastErr = err
|
||||
}
|
||||
return nil, "", fmt.Errorf("log: cannot create log: %v", lastErr)
|
||||
}
|
||||
|
||||
func createInDir(dir, tag string, t time.Time) (f *os.File, name string, err error) {
|
||||
name, link := logName(tag, t)
|
||||
fname := filepath.Join(dir, name)
|
||||
// O_EXCL is important here, as it prevents a vulnerability. The general idea is that logs often
|
||||
// live in an insecure directory (like /tmp), so an unprivileged attacker could create fname in
|
||||
// advance as a symlink to a file the logging process can access, but the attacker cannot. O_EXCL
|
||||
// fails the open if it already exists, thus prevent our this code from opening the existing file
|
||||
// the attacker points us to.
|
||||
f, err = os.OpenFile(fname, os.O_RDWR|os.O_CREATE|os.O_EXCL, 0666)
|
||||
if err == nil {
|
||||
symlink := filepath.Join(dir, link)
|
||||
os.Remove(symlink) // ignore err
|
||||
os.Symlink(name, symlink) // ignore err
|
||||
if *logLink != "" {
|
||||
lsymlink := filepath.Join(*logLink, link)
|
||||
os.Remove(lsymlink) // ignore err
|
||||
os.Symlink(fname, lsymlink) // ignore err
|
||||
}
|
||||
return f, fname, nil
|
||||
}
|
||||
return nil, "", err
|
||||
}
|
||||
|
||||
// flushSyncWriter is the interface satisfied by logging destinations.
|
||||
type flushSyncWriter interface {
|
||||
Flush() error
|
||||
|
|
@ -158,7 +179,10 @@ var sinks struct {
|
|||
func init() {
|
||||
// Register stderr first: that way if we crash during file-writing at least
|
||||
// the log will have gone somewhere.
|
||||
logsink.TextSinks = append(logsink.TextSinks, &sinks.stderr, &sinks.file)
|
||||
if shouldRegisterStderrSink() {
|
||||
logsink.TextSinks = append(logsink.TextSinks, &sinks.stderr)
|
||||
}
|
||||
logsink.TextSinks = append(logsink.TextSinks, &sinks.file)
|
||||
|
||||
sinks.file.flushChan = make(chan logsink.Severity, 1)
|
||||
go sinks.file.flushDaemon()
|
||||
|
|
@ -245,6 +269,7 @@ type syncBuffer struct {
|
|||
names []string
|
||||
sev logsink.Severity
|
||||
nbytes uint64 // The number of bytes written to this file
|
||||
madeAt time.Time
|
||||
}
|
||||
|
||||
func (sb *syncBuffer) Sync() error {
|
||||
|
|
@ -252,9 +277,14 @@ func (sb *syncBuffer) Sync() error {
|
|||
}
|
||||
|
||||
func (sb *syncBuffer) Write(p []byte) (n int, err error) {
|
||||
// Rotate the file if it is too large, but ensure we only do so,
|
||||
// if rotate doesn't create a conflicting filename.
|
||||
if sb.nbytes+uint64(len(p)) >= MaxSize {
|
||||
if err := sb.rotateFile(time.Now()); err != nil {
|
||||
return 0, err
|
||||
now := timeNow()
|
||||
if now.After(sb.madeAt.Add(1*time.Second)) || now.Second() != sb.madeAt.Second() {
|
||||
if err := sb.rotateFile(now); err != nil {
|
||||
return 0, err
|
||||
}
|
||||
}
|
||||
}
|
||||
n, err = sb.Writer.Write(p)
|
||||
|
|
@ -272,7 +302,8 @@ const footer = "\nCONTINUED IN NEXT FILE\n"
|
|||
func (sb *syncBuffer) rotateFile(now time.Time) error {
|
||||
var err error
|
||||
pn := "<none>"
|
||||
file, name, err := create(sb.sev.String(), now)
|
||||
file, name, err := create(sb.sev.String(), now, "")
|
||||
sb.madeAt = now
|
||||
|
||||
if sb.file != nil {
|
||||
// The current log file becomes the previous log at the end of
|
||||
|
|
|
|||
7
vendor/github.com/golang/glog/glog_file_nonwindows.go
generated
vendored
7
vendor/github.com/golang/glog/glog_file_nonwindows.go
generated
vendored
|
|
@ -4,6 +4,13 @@ package glog
|
|||
|
||||
import "os/user"
|
||||
|
||||
// shouldRegisterStderrSink determines whether we should register a log sink that writes to stderr.
|
||||
// Today, this always returns true on non-Windows platforms, as it specifically checks for a
|
||||
// condition that is only present on Windows.
|
||||
func shouldRegisterStderrSink() bool {
|
||||
return true
|
||||
}
|
||||
|
||||
func lookupUser() string {
|
||||
if current, err := user.Current(); err == nil {
|
||||
return current.Username
|
||||
|
|
|
|||
13
vendor/github.com/golang/glog/glog_file_windows.go
generated
vendored
13
vendor/github.com/golang/glog/glog_file_windows.go
generated
vendored
|
|
@ -3,9 +3,22 @@
|
|||
package glog
|
||||
|
||||
import (
|
||||
"os"
|
||||
"syscall"
|
||||
)
|
||||
|
||||
// shouldRegisterStderrSink determines whether we should register a log sink that writes to stderr.
|
||||
// Today, this checks if stderr is "valid", in that it maps to a non-NULL Handle.
|
||||
// Windows Services are spawned without Stdout and Stderr, so any attempt to use them equates to
|
||||
// referencing an invalid file Handle.
|
||||
// os.Stderr's FD is derived from a call to `syscall.GetStdHandle(syscall.STD_ERROR_HANDLE)`.
|
||||
// Documentation[1] for the GetStdHandle function indicates the return value may be NULL if the
|
||||
// application lacks the standard handle, so consider Stderr valid if its FD is non-NULL.
|
||||
// [1]: https://learn.microsoft.com/en-us/windows/console/getstdhandle
|
||||
func shouldRegisterStderrSink() bool {
|
||||
return os.Stderr.Fd() != 0
|
||||
}
|
||||
|
||||
// This follows the logic in the standard library's user.Current() function, except
|
||||
// that it leaves out the potentially expensive calls required to look up the user's
|
||||
// display name in Active Directory.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue