Date: Wed, 15 Apr 2015 10:29:16 +1000
From: Michael Samuel <mik@...net.net>
To: oss-security@...ts.openwall.com
Subject: Re: Re: Problems in automatic crash analysis frameworks

On 15 April 2015 at 07:08, Tavis Ormandy <taviso@...gle.com> wrote:

> >>> import socket
> >>> socket.socket(socket.AF_UNIX, socket.SOCK_STREAM).bind('test\ntest')
> >>> sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
> >>> sock.bind('/tmp/foo\nbar')
> >>> sock.listen(1)
>
> $ grep -A1 foo /proc/net/unix
> 0000000000000000: 00000002 00000000 00010000 0001 01 4772228 /tmp/foo
> bar

This is a Linux kernel flaw/bug, right?  It's a machine-readable
newline-delimited /proc file, so it needs to escape newlines if
they're valid data.

Regards,
  Michael
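
Added example, not part of the original message or thread: a Python sketch of how a consumer of /proc/net/unix can notice records whose path column spilled onto extra lines, as in the quoted output above. The function name, the record regex and the second sample socket are assumptions made for illustration.

```python
import re

# Constructed sample modelled on the /proc/net/unix output quoted above;
# the second socket entry is made up for contrast.
SAMPLE = (
    "Num       RefCount Protocol Flags    Type St Inode Path\n"
    "0000000000000000: 00000002 00000000 00010000 0001 01 4772228 /tmp/foo\n"
    "bar\n"
    "0000000000000000: 00000002 00000000 00010000 0001 01 4772300 /run/example.sock\n"
)

# Assumed record layout: pointer, five hex fields, decimal inode, optional path.
RECORD = re.compile(
    r"^[0-9A-Fa-f]+: [0-9A-Fa-f]{8} [0-9A-Fa-f]{8} [0-9A-Fa-f]{8} "
    r"[0-9A-Fa-f]{4} [0-9A-Fa-f]{2} +(?P<inode>\d+)(?: (?P<path>.*))?$"
)

def parse_proc_net_unix(text):
    """Return (records, orphans).

    A line that does not match RECORD is treated as the continuation of the
    previous record's path, and that record is marked multiline=True so the
    caller can treat it as untrusted. Non-matching lines that appear before
    any record are returned as orphans with their line numbers.
    """
    records, orphans = [], []
    lines = text.split("\n")
    if lines and lines[-1] == "":
        lines.pop()  # drop the empty string after the final newline
    for lineno, line in enumerate(lines[1:], start=2):  # line 1 is the header
        m = RECORD.match(line)
        if m:
            records.append({"inode": int(m.group("inode")),
                            "path": m.group("path") or "",
                            "multiline": False})
        elif records:
            records[-1]["path"] += "\n" + line
            records[-1]["multiline"] = True
        else:
            orphans.append((lineno, line))
    return records, orphans

if __name__ == "__main__":
    recs, stray = parse_proc_net_unix(SAMPLE)
    for r in recs:
        tag = "SUSPECT" if r["multiline"] else "ok"
        print(tag, r["inode"], repr(r["path"]))
```

A continuation line that happens to match the record pattern is indistinguishable from a real socket entry, so this only flags the ambiguity; it cannot fully undo it.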
