oss-security - Re: Re: Problems in automatic crash analysis frameworks

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Date: Tue, 14 Apr 2015 22:33:38 -0400
From: Marc Deslauriers <marc.deslauriers@...onical.com>
To: oss-security@...ts.openwall.com
Subject: Re: Re: Problems in automatic crash analysis frameworks

On 2015-04-14 08:29 PM, Michael Samuel wrote:
> On 15 April 2015 at 07:08, Tavis Ormandy <taviso@...gle.com> wrote:
> 
>>>>> import socket
>>>>> socket.socket(socket.AF_UNIX, socket.SOCK_STREAM).bind('test\ntest')
>>>>> sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
>>>>> sock.bind('/tmp/foo\nbar')
>>>>> sock.listen(1)
>>
>> $ grep -A1 foo /proc/net/unix
>> 0000000000000000: 00000002 00000000 00010000 0001 01 4772228 /tmp/foo
>> bar
> 
> This is a Linux kernel flaw/bug right?  It's a machine-readable
> newline-delimited
> /proc file, so it needs to escape newlines if they're valid data.
> 
> Regards,
>   Michael
> 

That appears to have been previously brought up here:

http://www.spinics.net/lists/netdev/msg320556.html

Marc.

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.