Update runc to 6635b4f0c6af3810594d2770f662f34ddc15b40d (CVE-2019-5736)

Includes 6635b4f0c6, which fixes a vulnerability in runc that allows a container escape (CVE-2019-5736) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-02-11 15:18:59 +01:00
parent b02ab6c742
commit 14eaad0cd9
210 changed files with 56732 additions and 5886 deletions
--- a/vendor/golang.org/x/sys/unix/sockcmsg_unix.go
+++ b/vendor/golang.org/x/sys/unix/sockcmsg_unix.go
@@ -2,23 +2,36 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

-// +build darwin dragonfly freebsd linux netbsd openbsd solaris
+// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris

 // Socket control messages

 package unix

-import "unsafe"
+import (
+	"runtime"
+	"unsafe"
+)

 // Round the length of a raw sockaddr up to align it properly.
 func cmsgAlignOf(salen int) int {
-	salign := sizeofPtr
-	// NOTE: It seems like 64-bit Darwin, DragonFly BSD and
-	// Solaris kernels still require 32-bit aligned access to
-	// network subsystem.
-	if darwin64Bit || dragonfly64Bit || solaris64Bit {
-		salign = 4
+	salign := SizeofPtr
+
+	switch runtime.GOOS {
+	case "darwin", "dragonfly", "solaris":
+		// NOTE: It seems like 64-bit Darwin, DragonFly BSD and
+		// Solaris kernels still require 32-bit aligned access to
+		// network subsystem.
+		if SizeofPtr == 8 {
+			salign = 4
+		}
+	case "openbsd":
+		// OpenBSD armv7 requires 64-bit alignment.
+		if runtime.GOARCH == "arm" {
+			salign = 8
+		}
 	}
+
 	return (salen + salign - 1) & ^(salign - 1)
 }