Date: Wed, 15 Apr 2015 10:29:16 +1000 From: Michael Samuel <mik@...net.net> To: oss-security@...ts.openwall.com Subject: Re: Re: Problems in automatic crash analysis frameworks On 15 April 2015 at 07:08, Tavis Ormandy <taviso@...gle.com> wrote: >>>> import socket >>>> socket.socket(socket.AF_UNIX, socket.SOCK_STREAM).bind('test\ntest') >>>> sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) >>>> sock.bind('/tmp/foo\nbar') >>>> sock.listen(1) > > $ grep -A1 foo /proc/net/unix > 0000000000000000: 00000002 00000000 00010000 0001 01 4772228 /tmp/foo > bar This is a Linux kernel flaw/bug right? It's a machine-readable newline-delimited /proc file, so it needs to escape newlines if they're valid data. Regards, Michael
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.