Date: Tue, 14 Apr 2015 22:33:38 -0400 From: Marc Deslauriers <marc.deslauriers@...onical.com> To: oss-security@...ts.openwall.com Subject: Re: Re: Problems in automatic crash analysis frameworks On 2015-04-14 08:29 PM, Michael Samuel wrote: > On 15 April 2015 at 07:08, Tavis Ormandy <taviso@...gle.com> wrote: > >>>>> import socket >>>>> socket.socket(socket.AF_UNIX, socket.SOCK_STREAM).bind('test\ntest') >>>>> sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) >>>>> sock.bind('/tmp/foo\nbar') >>>>> sock.listen(1) >> >> $ grep -A1 foo /proc/net/unix >> 0000000000000000: 00000002 00000000 00010000 0001 01 4772228 /tmp/foo >> bar > > This is a Linux kernel flaw/bug right? It's a machine-readable > newline-delimited > /proc file, so it needs to escape newlines if they're valid data. > > Regards, > Michael > That appears to have been previously brought up here: http://www.spinics.net/lists/netdev/msg320556.html Marc.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.