Google Git
Sign in
go / net / 0819898fb4973868bba6de59b6aaad75beea9a6a
commit0819898fb4973868bba6de59b6aaad75beea9a6a[log] [tgz]
authorMartin Probst <martin@probst.io>Tue May 02 12:17:47 2017 +0200
committerBrad Fitzpatrick <bradfitz@golang.org>Tue May 02 13:46:37 2017 +0000
tree9ea42f307f8a233f987f93a18924a3e7113b59c0
parentda118f7b8e5954f39d0d2130ab35d4bf0e3cb344 [diff]
xsrftoken: panic for unsafe zero length keys

Passing a zero length key (or secret) gives no safety against XSRF
attacks. This is a relatively easy mistake to make, e.g. by passing
`make([]byte, 0, 1024)` to `rand.Read` instead of `make([]byte, 1024)`,
and currently fails open, silently.

This uses panic, as the API does not allow returning a structured error,
and catching this programming error is not worth breaking API
compatibility. Passing a zero length secret is also not an error
condition that API callers would handle, so there is little value in
returning a proper error.

Change-Id: Ib6457347675872188d51d2a220eee4b67900f79e
Reviewed-on: https://go-review.googlesource.com/42411
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
1 file changed
tree: 9ea42f307f8a233f987f93a18924a3e7113b59c0
  1. bpf/
  2. context/
  3. dict/
  4. dns/
  5. html/
  6. http2/
  7. icmp/
  8. idna/
  9. internal/
  10. ipv4/
  11. ipv6/
  12. lex/
  13. lif/
  14. nettest/
  15. netutil/
  16. proxy/
  17. publicsuffix/
  18. route/
  19. trace/
  20. webdav/
  21. websocket/
  22. xsrftoken/
  23. .gitattributes
  24. .gitignore
  25. AUTHORS
  26. codereview.cfg
  27. CONTRIBUTING.md
  28. CONTRIBUTORS
  29. LICENSE
  30. PATENTS
  31. README