oss-sec mailing list archives
Re: Re: Problems in automatic crash analysis frameworks
From: Marc Deslauriers <marc.deslauriers () canonical com>
Date: Tue, 14 Apr 2015 22:33:38 -0400
On 2015-04-14 08:29 PM, Michael Samuel wrote:
On 15 April 2015 at 07:08, Tavis Ormandy <taviso () google com> wrote:import socket socket.socket(socket.AF_UNIX, socket.SOCK_STREAM).bind('test\ntest') sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) sock.bind('/tmp/foo\nbar') sock.listen(1)$ grep -A1 foo /proc/net/unix 0000000000000000: 00000002 00000000 00010000 0001 01 4772228 /tmp/foo barThis is a Linux kernel flaw/bug right? It's a machine-readable newline-delimited /proc file, so it needs to escape newlines if they're valid data. Regards, Michael
That appears to have been previously brought up here: http://www.spinics.net/lists/netdev/msg320556.html Marc.
Current thread:
- Re: Re: Problems in automatic crash analysis frameworks, (continued)
- Re: Re: Problems in automatic crash analysis frameworks Tavis Ormandy (Apr 15)
- Re: Re: Problems in automatic crash analysis frameworks Tyler Hicks (Apr 15)
- Re: Re: Problems in automatic crash analysis frameworks Tavis Ormandy (Apr 15)
- Re: Re: Problems in automatic crash analysis frameworks Tavis Ormandy (Apr 15)
- Re: Re: Problems in automatic crash analysis frameworks Tavis Ormandy (Apr 15)
- Re: Re: Problems in automatic crash analysis frameworks Tavis Ormandy (Apr 15)
- Re: Re: Problems in automatic crash analysis frameworks Tyler Hicks (Apr 16)
- Re: Re: Problems in automatic crash analysis frameworks Tavis Ormandy (Apr 16)
- Re: Re: Problems in automatic crash analysis frameworks Marc Deslauriers (Apr 14)
- Re: Re: Problems in automatic crash analysis frameworks Michael Samuel (Apr 14)
- Re: Re: Problems in automatic crash analysis frameworks Marc Deslauriers (Apr 14)
- Re: Problems in automatic crash analysis frameworks Tavis Ormandy (Apr 15)
- Re: Problems in automatic crash analysis frameworks Tavis Ormandy (Apr 15)
- Re: Re: Problems in automatic crash analysis frameworks Huzaifa Sidhpurwala (Apr 15)
- Re: Problems in automatic crash analysis frameworks cve-assign (Apr 15)
- Re: Re: Problems in automatic crash analysis frameworks Huzaifa Sidhpurwala (Apr 15)