Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 14 Apr 2015 22:33:38 -0400
From: Marc Deslauriers <marc.deslauriers@...onical.com>
To: oss-security@...ts.openwall.com
Subject: Re: Re: Problems in automatic crash analysis frameworks

On 2015-04-14 08:29 PM, Michael Samuel wrote:
> On 15 April 2015 at 07:08, Tavis Ormandy <taviso@...gle.com> wrote:
> 
>>>>> import socket
>>>>> socket.socket(socket.AF_UNIX, socket.SOCK_STREAM).bind('test\ntest')
>>>>> sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
>>>>> sock.bind('/tmp/foo\nbar')
>>>>> sock.listen(1)
>>
>> $ grep -A1 foo /proc/net/unix
>> 0000000000000000: 00000002 00000000 00010000 0001 01 4772228 /tmp/foo
>> bar
> 
> This is a Linux kernel flaw/bug right?  It's a machine-readable
> newline-delimited
> /proc file, so it needs to escape newlines if they're valid data.
> 
> Regards,
>   Michael
> 

That appears to have been previously brought up here:

http://www.spinics.net/lists/netdev/msg320556.html

Marc.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ