From 896924488175a072c19ef3e92baa5d8ecb9079ac Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 10 Jul 2026 14:44:37 +0000 Subject: [PATCH] build(deps): bump golang.org/x/image from 0.43.0 to 0.44.0 Bumps [golang.org/x/image](https://github.com/golang/image) from 0.43.0 to 0.44.0. - [Commits](https://github.com/golang/image/compare/v0.43.0...v0.44.0) --- updated-dependencies: - dependency-name: golang.org/x/image dependency-version: 0.44.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 6 ++-- go.sum | 12 +++---- .../x/image/font/opentype/opentype.go | 7 ++++ vendor/golang.org/x/image/font/sfnt/sfnt.go | 7 ++++ vendor/golang.org/x/image/tiff/reader.go | 29 ++++++++++++--- vendor/golang.org/x/image/webp/decode.go | 36 +++++++++++++++---- .../golang.org/x/sync/semaphore/semaphore.go | 17 ++++++--- vendor/modules.txt | 6 ++-- 8 files changed, 93 insertions(+), 27 deletions(-) diff --git a/go.mod b/go.mod index 765ad0a7cb..587bf68b05 100644 --- a/go.mod +++ b/go.mod @@ -104,12 +104,12 @@ require ( go.opentelemetry.io/otel/trace v1.44.0 golang.org/x/crypto v0.53.0 golang.org/x/exp v0.0.0-20260410095643-746e56fc9e2f - golang.org/x/image v0.43.0 + golang.org/x/image v0.44.0 golang.org/x/net v0.56.0 golang.org/x/oauth2 v0.36.0 - golang.org/x/sync v0.21.0 + golang.org/x/sync v0.22.0 golang.org/x/term v0.45.0 - golang.org/x/text v0.39.0 + golang.org/x/text v0.40.0 google.golang.org/genproto/googleapis/api v0.0.0-20260526163538-3dc84a4a5aaa google.golang.org/grpc v1.82.0 google.golang.org/protobuf v1.36.11 diff --git a/go.sum b/go.sum index ba606c03e5..664d6f15c4 100644 --- a/go.sum +++ b/go.sum @@ -1376,8 +1376,8 @@ golang.org/x/exp v0.0.0-20260410095643-746e56fc9e2f h1:W3F4c+6OLc6H2lb//N1q4WpJk golang.org/x/exp v0.0.0-20260410095643-746e56fc9e2f/go.mod h1:J1xhfL/vlindoeF/aINzNzt2Bket5bjo9sdOYzOsU80= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/image v0.43.0 h1:FLxcP4ec2350nTfOC8ysKtqYSIFbk/QGjw1ZHNP4tsY= -golang.org/x/image v0.43.0/go.mod h1:rrpelvGFt+kLPAjPM4HeWPgrl0FtafueU//e5N0qk/Q= +golang.org/x/image v0.44.0 h1:+tDekMZED9+LrtB3G5xzRggpVh9CARjZqROla3R3R+I= +golang.org/x/image v0.44.0/go.mod h1:V8K3KE9KKKE+pLpQDOeN18w9oacNSvy1tDOirTu4xtY= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -1476,8 +1476,8 @@ golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.21.0 h1:HLII4xRRTtCRkxYp4HNFF0Js/Og6q2i++KXbg0gHCwM= -golang.org/x/sync v0.21.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0= +golang.org/x/sync v0.22.0 h1:SZjpbeLmrCk4xhRSZFNZW5gFUeCeFgjekvI/+gfScek= +golang.org/x/sync v0.22.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0= golang.org/x/sys v0.0.0-20180622082034-63fc586f45fe/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -1582,8 +1582,8 @@ golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.39.0 h1:UbZz4pLOvn600D6Oh6GGEI6VAmndrEBLv8/6BEXzyus= -golang.org/x/text v0.39.0/go.mod h1:3UwRclnC2g0TU9x8PZiyfOajCd1zaUNHF9cvqcQZ+ZM= +golang.org/x/text v0.40.0 h1:Ub2Z6/xjgF1WrYQz2nuITOEegKFtiIy+rieRJ5lHZKs= +golang.org/x/text v0.40.0/go.mod h1:hpnzDAfGV753zIKo+wk3u1bVKCGPbrnF7+7LBF/UHVY= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= diff --git a/vendor/golang.org/x/image/font/opentype/opentype.go b/vendor/golang.org/x/image/font/opentype/opentype.go index 694ac47bfe..72e83f0a20 100644 --- a/vendor/golang.org/x/image/font/opentype/opentype.go +++ b/vendor/golang.org/x/image/font/opentype/opentype.go @@ -9,6 +9,13 @@ // implementing the golang.org/x/image/font.Face interface. // // The sibling golang.org/x/image/font/sfnt package provides a low-level API. +// +// # Security Considerations +// +// This package is not hardened against malicious inputs. +// Crashes, excessive CPU or memory consumption, or similar misbehavior +// caused by malicious or corrupt inputs will be handled as ordinary bugs, +// not vulnerabilities. package opentype // import "golang.org/x/image/font/opentype" import ( diff --git a/vendor/golang.org/x/image/font/sfnt/sfnt.go b/vendor/golang.org/x/image/font/sfnt/sfnt.go index d1ef8a6a08..103aa436ea 100644 --- a/vendor/golang.org/x/image/font/sfnt/sfnt.go +++ b/vendor/golang.org/x/image/font/sfnt/sfnt.go @@ -28,6 +28,13 @@ // another io.Writer, copying the underlying TTF file, but this package does // not provide an encoder. Specifically, there is no API to build a different // TTF file, whether 'from scratch' or by modifying an existing one. +// +// # Security Considerations +// +// This package is not hardened against malicious inputs. +// Crashes, excessive CPU or memory consumption, or similar misbehavior +// caused by malicious or corrupt inputs will be handled as ordinary bugs, +// not vulnerabilities. package sfnt // import "golang.org/x/image/font/sfnt" // This implementation was written primarily to the diff --git a/vendor/golang.org/x/image/tiff/reader.go b/vendor/golang.org/x/image/tiff/reader.go index a0cd4e8781..41260e4448 100644 --- a/vendor/golang.org/x/image/tiff/reader.go +++ b/vendor/golang.org/x/image/tiff/reader.go @@ -342,13 +342,25 @@ func (d *decoder) decode(dst image.Image, xmin, ymin, xmax, ymax int) error { } } + // calcRowBytes returns the number of bytes in a row with numSamples samples per pixel + // and bytesPerSample bytes per sample. + calcRowBytes := func(xmin, xmax, numSamples int, bitsPerSample uint) int { + return int((int64(xmax-xmin)*int64(numSamples)*int64(bitsPerSample) + 7) / 8) + } + // calcRowOff returns the offset of the next row. + calcRowOff := func(y, ymin, rowBytes int) int { + return (y - ymin) * rowBytes + } + rMaxX := minInt(xmax, dst.Bounds().Max.X) rMaxY := minInt(ymax, dst.Bounds().Max.Y) switch d.mode { case mGray, mGrayInvert: + rowBytes := calcRowBytes(xmin, xmax, 1, d.bpp) if d.bpp == 16 { img := dst.(*image.Gray16) for y := ymin; y < rMaxY; y++ { + d.off = calcRowOff(y, ymin, rowBytes) for x := xmin; x < rMaxX; x++ { if d.off+2 > len(d.buf) { return errNoPixels @@ -360,14 +372,13 @@ func (d *decoder) decode(dst image.Image, xmin, ymin, xmax, ymax int) error { } img.SetGray16(x, y, color.Gray16{v}) } - if rMaxX == img.Bounds().Max.X { - d.off += 2 * (xmax - img.Bounds().Max.X) - } } } else { img := dst.(*image.Gray) max := uint32((1 << d.bpp) - 1) for y := ymin; y < rMaxY; y++ { + d.off = calcRowOff(y, ymin, rowBytes) + d.flushBits() for x := xmin; x < rMaxX; x++ { v, ok := d.readBits(d.bpp) if !ok { @@ -379,13 +390,15 @@ func (d *decoder) decode(dst image.Image, xmin, ymin, xmax, ymax int) error { } img.SetGray(x, y, color.Gray{uint8(v)}) } - d.flushBits() } } case mPaletted: img := dst.(*image.Paletted) pLen := len(d.palette) + rowBytes := calcRowBytes(xmin, xmax, 1, d.bpp) for y := ymin; y < rMaxY; y++ { + d.off = calcRowOff(y, ymin, rowBytes) + d.flushBits() for x := xmin; x < rMaxX; x++ { v, ok := d.readBits(d.bpp) if !ok { @@ -397,12 +410,13 @@ func (d *decoder) decode(dst image.Image, xmin, ymin, xmax, ymax int) error { } img.SetColorIndex(x, y, idx) } - d.flushBits() } case mRGB: + rowBytes := calcRowBytes(xmin, xmax, 3, d.bpp) if d.bpp == 16 { img := dst.(*image.RGBA64) for y := ymin; y < rMaxY; y++ { + d.off = calcRowOff(y, ymin, rowBytes) for x := xmin; x < rMaxX; x++ { if d.off+6 > len(d.buf) { return errNoPixels @@ -417,6 +431,7 @@ func (d *decoder) decode(dst image.Image, xmin, ymin, xmax, ymax int) error { } else { img := dst.(*image.RGBA) for y := ymin; y < rMaxY; y++ { + d.off = calcRowOff(y, ymin, rowBytes) min := img.PixOffset(xmin, y) max := img.PixOffset(rMaxX, y) off := (y - ymin) * (xmax - xmin) * 3 @@ -433,9 +448,11 @@ func (d *decoder) decode(dst image.Image, xmin, ymin, xmax, ymax int) error { } } case mNRGBA: + rowBytes := calcRowBytes(xmin, xmax, 4, d.bpp) if d.bpp == 16 { img := dst.(*image.NRGBA64) for y := ymin; y < rMaxY; y++ { + d.off = calcRowOff(y, ymin, rowBytes) for x := xmin; x < rMaxX; x++ { if d.off+8 > len(d.buf) { return errNoPixels @@ -461,9 +478,11 @@ func (d *decoder) decode(dst image.Image, xmin, ymin, xmax, ymax int) error { } } case mRGBA: + rowBytes := calcRowBytes(xmin, xmax, 4, d.bpp) if d.bpp == 16 { img := dst.(*image.RGBA64) for y := ymin; y < rMaxY; y++ { + d.off = calcRowOff(y, ymin, rowBytes) for x := xmin; x < rMaxX; x++ { if d.off+8 > len(d.buf) { return errNoPixels diff --git a/vendor/golang.org/x/image/webp/decode.go b/vendor/golang.org/x/image/webp/decode.go index f55de23bff..d68b984206 100644 --- a/vendor/golang.org/x/image/webp/decode.go +++ b/vendor/golang.org/x/image/webp/decode.go @@ -5,6 +5,7 @@ package webp import ( + "bufio" "bytes" "errors" "image" @@ -113,16 +114,39 @@ func decode(r io.Reader, configOnly bool) (image.Image, image.Config, error) { c, err := vp8l.DecodeConfig(chunkData) return nil, c, err } + if seenVP8X { + // Verify the VP8L chunk dimensions match before + // calling vp8l.Decode, to catch malicious images + // following a small VP8X header with a huge VP8L chunk. + // + // Peek the VP8L header. + // + // chunkData is always an unbuffered riff.chunkReader. + // Creating a bufio.Reader here doesn't add any + // inefficiency, since the vp8l package will do it + // if we don't. + bufReader := bufio.NewReader(chunkData) + chunkData = bufReader + const vp8lHeaderSize = 5 + vp8lHeader, err := bufReader.Peek(vp8lHeaderSize) + if err != nil { + if err == io.EOF { + err = errInvalidFormat + } + return nil, image.Config{}, err + } + c, err := vp8l.DecodeConfig(bytes.NewReader(vp8lHeader)) + if err != nil { + return nil, image.Config{}, err + } + if c.Width != int(widthMinusOne)+1 || c.Height != int(heightMinusOne)+1 { + return nil, image.Config{}, errInvalidFormat + } + } m, err := vp8l.Decode(chunkData) if err != nil { return nil, image.Config{}, err } - if seenVP8X { - bounds := m.Bounds() - if bounds.Dx() != int(widthMinusOne)+1 || bounds.Dy() != int(heightMinusOne)+1 { - return nil, image.Config{}, errInvalidFormat - } - } return m, image.Config{}, nil case fccVP8X: diff --git a/vendor/golang.org/x/sync/semaphore/semaphore.go b/vendor/golang.org/x/sync/semaphore/semaphore.go index 040c5bc509..96a035aede 100644 --- a/vendor/golang.org/x/sync/semaphore/semaphore.go +++ b/vendor/golang.org/x/sync/semaphore/semaphore.go @@ -24,7 +24,7 @@ func NewWeighted(n int64) *Weighted { } // Weighted provides a way to bound concurrent access to a resource. -// The callers can request access with a given weight. +// The callers can request access with a given non-negative weight. type Weighted struct { size int64 cur int64 @@ -32,10 +32,13 @@ type Weighted struct { waiters list.List } -// Acquire acquires the semaphore with a weight of n, blocking until resources +// Acquire acquires the semaphore with a non-negative weight of n, blocking until resources // are available or ctx is done. On success, returns nil. On failure, returns // ctx.Err() and leaves the semaphore unchanged. func (s *Weighted) Acquire(ctx context.Context, n int64) error { + if n < 0 { + panic("semaphore: n < 0") + } done := ctx.Done() s.mu.Lock() @@ -106,9 +109,12 @@ func (s *Weighted) Acquire(ctx context.Context, n int64) error { } } -// TryAcquire acquires the semaphore with a weight of n without blocking. +// TryAcquire acquires the semaphore with a non-negative weight of n without blocking. // On success, returns true. On failure, returns false and leaves the semaphore unchanged. func (s *Weighted) TryAcquire(n int64) bool { + if n < 0 { + panic("semaphore: n < 0") + } s.mu.Lock() success := s.size-s.cur >= n && s.waiters.Len() == 0 if success { @@ -118,8 +124,11 @@ func (s *Weighted) TryAcquire(n int64) bool { return success } -// Release releases the semaphore with a weight of n. +// Release releases the semaphore with a non-negative weight of n. func (s *Weighted) Release(n int64) { + if n < 0 { + panic("semaphore: n < 0") + } s.mu.Lock() s.cur -= n if s.cur < 0 { diff --git a/vendor/modules.txt b/vendor/modules.txt index d62ba0f737..23cc5908e3 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -2444,7 +2444,7 @@ golang.org/x/exp/slices golang.org/x/exp/slog golang.org/x/exp/slog/internal golang.org/x/exp/slog/internal/buffer -# golang.org/x/image v0.43.0 +# golang.org/x/image v0.44.0 ## explicit; go 1.25.0 golang.org/x/image/bmp golang.org/x/image/ccitt @@ -2495,7 +2495,7 @@ golang.org/x/net/trace ## explicit; go 1.25.0 golang.org/x/oauth2 golang.org/x/oauth2/internal -# golang.org/x/sync v0.21.0 +# golang.org/x/sync v0.22.0 ## explicit; go 1.25.0 golang.org/x/sync/errgroup golang.org/x/sync/semaphore @@ -2514,7 +2514,7 @@ golang.org/x/sys/windows/svc/mgr # golang.org/x/term v0.45.0 ## explicit; go 1.25.0 golang.org/x/term -# golang.org/x/text v0.39.0 +# golang.org/x/text v0.40.0 ## explicit; go 1.25.0 golang.org/x/text/cases golang.org/x/text/collate