[Secure Coding] master: Go: Add section on deserialization (1865417)

fweimer at fedoraproject.org
Wed Aug 13 07:53:57 UTC 2014


Repository : http://git.fedorahosted.org/git/?p=secure-coding.git

On branch  : master

>---------------------------------------------------------------

commit 18654176d5d06211ba6393ceaf83afc53080d146
Author: Florian Weimer <fweimer at redhat.com>
Date:   Wed Aug 13 09:44:05 2014 +0200

    Go: Add section on deserialization
    
    In particular, warn about information leakage due to object reuse.


>---------------------------------------------------------------

 defensive-coding/en-US/Go.xml |   20 ++++++++++++++++++++
 1 files changed, 20 insertions(+), 0 deletions(-)

diff --git a/defensive-coding/en-US/Go.xml b/defensive-coding/en-US/Go.xml
index 0e44d5e..b5529a6 100644
--- a/defensive-coding/en-US/Go.xml
+++ b/defensive-coding/en-US/Go.xml
@@ -87,4 +87,24 @@
     spontaneously.
   </para>
 </section>
+<section id="chap-Defensive_Coding-Go-Marshaling">
+  <title>Marshaling and marshaling</title>
+  <para>
+    Several packages in the <literal>encoding</literal> hierarchy
+    provide support for serialization and deserialization.  The usual
+    caveats apply (see
+    <xref linkend="chap-Defensive_Coding-Tasks-Serialization"/>).
+  </para>
+  <para>
+    As an additional precaution, the <function>Unmarshal</function>
+    and <function>Decode</function> functions should only be used with
+    fresh values in the <literal>interface{}</literal> argument.  This
+    is due to the way defaults for missing values are implemented:
+    During deserialization, missing value do not result in an error,
+    but the original value is preserved.  Using a fresh value (with
+    suitable default values if necessary) ensures that data from a
+    previous deserialization operation does not leak into the current
+    one.  This is especially relevant when structs are deserialized.
+  </para>
+</section>
 </chapter>
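Review bot: The new section title, `<title>Marshaling and marshaling</title>`, repeats the same word and should read `Marshaling and unmarshaling` to match the serialization/deserialization pairing used in the paragraph below it; in the same hunk, `missing value do not result in an error` needs the plural `missing values do not result in an error`. On the substance of the second paragraph, the warning is correct for encoding/json, where fields absent from the input are left untouched in the target struct, but it would land better with a concrete illustration: decode two messages into the same struct variable and the first message's field survives wherever the second omits it. The same reuse applies to maps, since a non-nil map passed to json.Unmarshal is reused with its existing entries kept, so the closing sentence could say "structs and maps" rather than singling out structs. Finally, the `<literal>interface{}</literal>` argument is really a pointer to the target (`&value`), so it is worth stating that the pointed-to value must be fresh, not merely the interface value handed to the call.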
