oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request: ruby file creation due in insertion of illegal NUL character

From: Daniel Kahn Gillmor <dkg () fifthhorseman net>
Date: Tue, 16 Oct 2012 11:51:42 -0400
On 10/16/2012 08:40 AM, Matthias Weckbecker wrote:

Technically, this would also apply to Perl (at least with 5.12.3). 


It's also the case with perl 5.14.2 (just tested). :/

on the other hand, python and php seem to both have some sort of an
internal check in place, so there's a difference of expectation somewhere:

0 dkg@pip:~$ python -c 'f = open("python\0foo"); f.write("test");'
Traceback (most recent call last):
  File "<string>", line 1, in <module>
TypeError: file() argument 1 must be encoded string without NULL bytes,
not str
1 dkg@pip:~$

0 dkg@pip:~$ echo | php -B 'if ($x = fopen("php\0foo", "w")) fwrite($x,
"test");'
PHP Warning:  fopen() expects parameter 1 to be a valid path, string
given in Command line begin code on line 1
0 dkg@pip:~$

hth,

        --dkg

Attachment: signature.asc
Description: OpenPGP digital signature

Previous By Date Next
Previous By Thread Next

Current thread: