Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 15 Apr 2015 10:29:16 +1000
From: Michael Samuel <>
Subject: Re: Re: Problems in automatic crash analysis frameworks

On 15 April 2015 at 07:08, Tavis Ormandy <> wrote:

>>>> import socket
>>>> socket.socket(socket.AF_UNIX, socket.SOCK_STREAM).bind('test\ntest')
>>>> sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
>>>> sock.bind('/tmp/foo\nbar')
>>>> sock.listen(1)
> $ grep -A1 foo /proc/net/unix
> 0000000000000000: 00000002 00000000 00010000 0001 01 4772228 /tmp/foo
> bar

This is a Linux kernel flaw/bug right?  It's a machine-readable
/proc file, so it needs to escape newlines if they're valid data.


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.