Update vendor containers/(common,storage,buildah,image)

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2025-12-11 17:27:19 +08:00 · 2022-10-27 16:26:57 -04:00
parent 26e5661c27
commit 6fe64591d6
283 changed files with 32861 additions and 4204 deletions
--- a/vendor/github.com/Microsoft/go-winio/pkg/guid/guid.go
+++ b/vendor/github.com/Microsoft/go-winio/pkg/guid/guid.go
@@ -1,5 +1,3 @@
-// +build windows
-
 // Package guid provides a GUID type. The backing structure for a GUID is
 // identical to that used by the golang.org/x/sys/windows GUID type.
 // There are two main binary encodings used for a GUID, the big-endian encoding,
@@ -9,24 +7,26 @@ package guid

 import (
 	"crypto/rand"
-	"crypto/sha1"
+	"crypto/sha1" //nolint:gosec // not used for secure application
 	"encoding"
 	"encoding/binary"
 	"fmt"
 	"strconv"
 )

+//go:generate go run golang.org/x/tools/cmd/stringer -type=Variant -trimprefix=Variant -linecomment
+
 // Variant specifies which GUID variant (or "type") of the GUID. It determines
 // how the entirety of the rest of the GUID is interpreted.
 type Variant uint8

-// The variants specified by RFC 4122.
+// The variants specified by RFC 4122 section 4.1.1.
 const (
 	// VariantUnknown specifies a GUID variant which does not conform to one of
 	// the variant encodings specified in RFC 4122.
 	VariantUnknown Variant = iota
 	VariantNCS
-	VariantRFC4122
+	VariantRFC4122 // RFC 4122
 	VariantMicrosoft
 	VariantFuture
 )
@@ -36,6 +36,10 @@ const (
 // hash of an input string.
 type Version uint8

+func (v Version) String() string {
+	return strconv.FormatUint(uint64(v), 10)
+}
+
 var _ = (encoding.TextMarshaler)(GUID{})
 var _ = (encoding.TextUnmarshaler)(&GUID{})

@@ -61,7 +65,7 @@ func NewV4() (GUID, error) {
 // big-endian UTF16 stream of bytes. If that is desired, the string can be
 // encoded as such before being passed to this function.
 func NewV5(namespace GUID, name []byte) (GUID, error) {
-	b := sha1.New()
+	b := sha1.New() //nolint:gosec // not used for secure application
 	namespaceBytes := namespace.ToArray()
 	b.Write(namespaceBytes[:])
 	b.Write(name)
--- a/vendor/github.com/Microsoft/go-winio/pkg/guid/guid_nonwindows.go
+++ b/vendor/github.com/Microsoft/go-winio/pkg/guid/guid_nonwindows.go
@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows

 package guid
--- a/vendor/github.com/Microsoft/go-winio/pkg/guid/guid_windows.go
+++ b/vendor/github.com/Microsoft/go-winio/pkg/guid/guid_windows.go
@@ -1,3 +1,6 @@
+//go:build windows
+// +build windows
+
 package guid

 import "golang.org/x/sys/windows"
--- a/vendor/github.com/Microsoft/go-winio/pkg/guid/variant_string.go
+++ b/vendor/github.com/Microsoft/go-winio/pkg/guid/variant_string.go
@@ -0,0 +1,27 @@
+// Code generated by "stringer -type=Variant -trimprefix=Variant -linecomment"; DO NOT EDIT.
+
+package guid
+
+import "strconv"
+
+func _() {
+	// An "invalid array index" compiler error signifies that the constant values have changed.
+	// Re-run the stringer command to generate them again.
+	var x [1]struct{}
+	_ = x[VariantUnknown-0]
+	_ = x[VariantNCS-1]
+	_ = x[VariantRFC4122-2]
+	_ = x[VariantMicrosoft-3]
+	_ = x[VariantFuture-4]
+}
+
+const _Variant_name = "UnknownNCSRFC 4122MicrosoftFuture"
+
+var _Variant_index = [...]uint8{0, 7, 10, 18, 27, 33}
+
+func (i Variant) String() string {
+	if i >= Variant(len(_Variant_index)-1) {
+		return "Variant(" + strconv.FormatInt(int64(i), 10) + ")"
+	}
+	return _Variant_name[_Variant_index[i]:_Variant_index[i+1]]
+}
--- a/vendor/github.com/Microsoft/go-winio/pkg/security/grantvmgroupaccess.go
+++ b/vendor/github.com/Microsoft/go-winio/pkg/security/grantvmgroupaccess.go
@@ -1,3 +1,4 @@
+//go:build windows
 // +build windows

 package security
@@ -20,6 +21,7 @@ type (
 	trusteeForm         uint32
 	trusteeType         uint32

+	//nolint:structcheck // structcheck thinks fields are unused, but the are used to pass data to OS
 	explicitAccess struct {
 		accessPermissions accessMask
 		accessMode        accessMode
@@ -27,6 +29,7 @@ type (
 		trustee           trustee
 	}

+	//nolint:structcheck,unused // structcheck thinks fields are unused, but the are used to pass data to OS
 	trustee struct {
 		multipleTrustee          *trustee
 		multipleTrusteeOperation int32
@@ -44,6 +47,7 @@ const (
 	desiredAccessReadControl desiredAccess = 0x20000
 	desiredAccessWriteDac    desiredAccess = 0x40000

+	//cspell:disable-next-line
 	gvmga = "GrantVmGroupAccess:"

 	inheritModeNoInheritance                  inheritMode = 0x0
@@ -56,9 +60,9 @@ const (
 	shareModeRead  shareMode = 0x1
 	shareModeWrite shareMode = 0x2

-	sidVmGroup = "S-1-5-83-0"
+	sidVMGroup = "S-1-5-83-0"

-	trusteeFormIsSid trusteeForm = 0
+	trusteeFormIsSID trusteeForm = 0

 	trusteeTypeWellKnownGroup trusteeType = 5
 )
@@ -67,6 +71,8 @@ const (
 // include Grant ACE entries for the VM Group SID. This is a golang re-
 // implementation of the same function in vmcompute, just not exported in
 // RS5. Which kind of sucks. Sucks a lot :/
+//
+//revive:disable-next-line:var-naming VM, not Vm
 func GrantVmGroupAccess(name string) error {
 	// Stat (to determine if `name` is a directory).
 	s, err := os.Stat(name)
@@ -79,7 +85,7 @@ func GrantVmGroupAccess(name string) error {
 	if err != nil {
 		return err // Already wrapped
 	}
-	defer syscall.CloseHandle(fd)
+	defer syscall.CloseHandle(fd) //nolint:errcheck

 	// Get the current DACL and Security Descriptor. Must defer LocalFree on success.
 	ot := objectTypeFileObject
@@ -89,7 +95,7 @@ func GrantVmGroupAccess(name string) error {
 	if err := getSecurityInfo(fd, uint32(ot), uint32(si), nil, nil, &origDACL, nil, &sd); err != nil {
 		return fmt.Errorf("%s GetSecurityInfo %s: %w", gvmga, name, err)
 	}
-	defer syscall.LocalFree((syscall.Handle)(unsafe.Pointer(sd)))
+	defer syscall.LocalFree((syscall.Handle)(unsafe.Pointer(sd))) //nolint:errcheck

 	// Generate a new DACL which is the current DACL with the required ACEs added.
 	// Must defer LocalFree on success.
@@ -97,7 +103,7 @@ func GrantVmGroupAccess(name string) error {
 	if err != nil {
 		return err // Already wrapped
 	}
-	defer syscall.LocalFree((syscall.Handle)(unsafe.Pointer(newDACL)))
+	defer syscall.LocalFree((syscall.Handle)(unsafe.Pointer(newDACL))) //nolint:errcheck

 	// And finally use SetSecurityInfo to apply the updated DACL.
 	if err := setSecurityInfo(fd, uint32(ot), uint32(si), uintptr(0), uintptr(0), newDACL, uintptr(0)); err != nil {
@@ -110,16 +116,19 @@ func GrantVmGroupAccess(name string) error {
 // createFile is a helper function to call [Nt]CreateFile to get a handle to
 // the file or directory.
 func createFile(name string, isDir bool) (syscall.Handle, error) {
-	namep := syscall.StringToUTF16(name)
+	namep, err := syscall.UTF16FromString(name)
+	if err != nil {
+		return syscall.InvalidHandle, fmt.Errorf("could not convernt name to UTF-16: %w", err)
+	}
 	da := uint32(desiredAccessReadControl | desiredAccessWriteDac)
 	sm := uint32(shareModeRead | shareModeWrite)
 	fa := uint32(syscall.FILE_ATTRIBUTE_NORMAL)
 	if isDir {
-		fa = uint32(fa | syscall.FILE_FLAG_BACKUP_SEMANTICS)
+		fa |= syscall.FILE_FLAG_BACKUP_SEMANTICS
 	}
 	fd, err := syscall.CreateFile(&namep[0], da, sm, nil, syscall.OPEN_EXISTING, fa, 0)
 	if err != nil {
-		return 0, fmt.Errorf("%s syscall.CreateFile %s: %w", gvmga, name, err)
+		return syscall.InvalidHandle, fmt.Errorf("%s syscall.CreateFile %s: %w", gvmga, name, err)
 	}
 	return fd, nil
 }
@@ -128,9 +137,9 @@ func createFile(name string, isDir bool) (syscall.Handle, error) {
 // The caller is responsible for LocalFree of the returned DACL on success.
 func generateDACLWithAcesAdded(name string, isDir bool, origDACL uintptr) (uintptr, error) {
 	// Generate pointers to the SIDs based on the string SIDs
-	sid, err := syscall.StringToSid(sidVmGroup)
+	sid, err := syscall.StringToSid(sidVMGroup)
 	if err != nil {
-		return 0, fmt.Errorf("%s syscall.StringToSid %s %s: %w", gvmga, name, sidVmGroup, err)
+		return 0, fmt.Errorf("%s syscall.StringToSid %s %s: %w", gvmga, name, sidVMGroup, err)
 	}

 	inheritance := inheritModeNoInheritance
@@ -139,12 +148,12 @@ func generateDACLWithAcesAdded(name string, isDir bool, origDACL uintptr) (uintp
 	}

 	eaArray := []explicitAccess{
-		explicitAccess{
+		{
 			accessPermissions: accessMaskDesiredPermission,
 			accessMode:        accessModeGrant,
 			inheritance:       inheritance,
 			trustee: trustee{
-				trusteeForm: trusteeFormIsSid,
+				trusteeForm: trusteeFormIsSID,
 				trusteeType: trusteeTypeWellKnownGroup,
 				name:        uintptr(unsafe.Pointer(sid)),
 			},
--- a/vendor/github.com/Microsoft/go-winio/pkg/security/syscall_windows.go
+++ b/vendor/github.com/Microsoft/go-winio/pkg/security/syscall_windows.go
@@ -1,6 +1,6 @@
 package security

-//go:generate go run mksyscall_windows.go -output zsyscall_windows.go syscall_windows.go
+//go:generate go run github.com/Microsoft/go-winio/tools/mkwinsyscall -output zsyscall_windows.go syscall_windows.go

 //sys getSecurityInfo(handle syscall.Handle, objectType uint32, si uint32, ppsidOwner **uintptr, ppsidGroup **uintptr, ppDacl *uintptr, ppSacl *uintptr, ppSecurityDescriptor *uintptr) (win32err error) = advapi32.GetSecurityInfo
 //sys setSecurityInfo(handle syscall.Handle, objectType uint32, si uint32, psidOwner uintptr, psidGroup uintptr, pDacl uintptr, pSacl uintptr) (win32err error) = advapi32.SetSecurityInfo
--- a/vendor/github.com/Microsoft/go-winio/pkg/security/zsyscall_windows.go
+++ b/vendor/github.com/Microsoft/go-winio/pkg/security/zsyscall_windows.go
@@ -1,4 +1,6 @@
-// Code generated by 'go generate'; DO NOT EDIT.
+//go:build windows
+
+// Code generated by 'go generate' using "github.com/Microsoft/go-winio/tools/mkwinsyscall"; DO NOT EDIT.

 package security