1 files changed, 0 insertions, 89 deletions

diff --git a/meta/recipes-devtools/go/go/CVE-2023-24537.patch b/meta/recipes-devtools/go/go/CVE-2023-24537.patch
deleted file mode 100644
index 6b5dc2c8d9..0000000000
--- a/meta/recipes-devtools/go/go/CVE-2023-24537.patch
+++ /dev/null
@@ -1,89 +0,0 @@
-From 110e4fb1c2e3a21631704bbfaf672230b9ba2492 Mon Sep 17 00:00:00 2001
-From: Damien Neil <dneil@google.com>
-Date: Wed, 22 Mar 2023 09:33:22 -0700
-Subject: [PATCH] go/scanner: reject large line and column numbers in //line
- directives
-
-Setting a large line or column number using a //line directive can cause
-integer overflow even in small source files.
-
-Limit line and column numbers in //line directives to 2^30-1, which
-is small enough to avoid int32 overflow on all reasonbly-sized files.
-
-For #59180
-Fixes CVE-2023-24537
-
-Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1802456
-Reviewed-by: Julie Qiu <julieqiu@google.com>
-Reviewed-by: Roland Shoemaker <bracewell@google.com>
-Run-TryBot: Damien Neil <dneil@google.com>
-Change-Id: I149bf34deca532af7994203fa1e6aca3c890ea14
-Reviewed-on: https://go-review.googlesource.com/c/go/+/482078
-Reviewed-by: Matthew Dempsky <mdempsky@google.com>
-TryBot-Bypass: Michael Knyszek <mknyszek@google.com>
-Run-TryBot: Michael Knyszek <mknyszek@google.com>
-Auto-Submit: Michael Knyszek <mknyszek@google.com>
-
-CVE: CVE-2023-24537
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@arm.com>
----
- src/go/parser/parser_test.go | 16 ++++++++++++++++
- src/go/scanner/scanner.go    |  7 +++++--
- 2 files changed, 21 insertions(+), 2 deletions(-)
-
-diff --git a/src/go/parser/parser_test.go b/src/go/parser/parser_test.go
-index 153562df75068..22b11a0cc4535 100644
---- a/src/go/parser/parser_test.go
-+++ b/src/go/parser/parser_test.go
-@@ -764,3 +764,19 @@ func TestRangePos(t *testing.T) {
- 		})
- 	}
- }
-+
-+// TestIssue59180 tests that line number overflow doesn't cause an infinite loop.
-+func TestIssue59180(t *testing.T) {
-+	testcases := []string{
-+		"package p\n//line :9223372036854775806\n\n//",
-+		"package p\n//line :1:9223372036854775806\n\n//",
-+		"package p\n//line file:9223372036854775806\n\n//",
-+	}
-+
-+	for _, src := range testcases {
-+		_, err := ParseFile(token.NewFileSet(), "", src, ParseComments)
-+		if err == nil {
-+			t.Errorf("ParseFile(%s) succeeded unexpectedly", src)
-+		}
-+	}
-+}
-diff --git a/src/go/scanner/scanner.go b/src/go/scanner/scanner.go
-index 16958d22ce299..0cd9f5901d0bb 100644
---- a/src/go/scanner/scanner.go
-+++ b/src/go/scanner/scanner.go
-@@ -253,13 +253,16 @@ func (s *Scanner) updateLineInfo(next, offs int, text []byte) {
- 		return
- 	}
- 
-+	// Put a cap on the maximum size of line and column numbers.
-+	// 30 bits allows for some additional space before wrapping an int32.
-+	const maxLineCol = 1<<30 - 1
- 	var line, col int
- 	i2, n2, ok2 := trailingDigits(text[:i-1])
- 	if ok2 {
- 		//line filename:line:col
- 		i, i2 = i2, i
- 		line, col = n2, n
--		if col == 0 {
-+		if col == 0 || col > maxLineCol {
- 			s.error(offs+i2, "invalid column number: "+string(text[i2:]))
- 			return
- 		}
-@@ -269,7 +272,7 @@ func (s *Scanner) updateLineInfo(next, offs int, text []byte) {
- 		line = n
- 	}
- 
--	if line == 0 {
-+	if line == 0 || line > maxLineCol {
- 		s.error(offs+i, "invalid line number: "+string(text[i:]))
- 		return
- 	}