[issue8372] socket: Buffer overrun while reading unterminated AF_UNIX addresses
Charles-François Natali
report at bugs.python.org
Mon Jun 13 00:37:35 CEST 2011
Charles-François Natali <neologix at free.fr> added the comment:
The patches look good to me, except that instead of passing
(addrlen > buflen) ? buflen : addrlen
as addrlen argument every time makesockaddr is called, I'd prefer if this min was done inside makesockaddr itself, i.e. perform min(addrlen, sizeof(struct sockaddr_un)) in the AF_UNIX switch case (especially since addrlen is only used for AF_UNIX).
Also, this would be the occasion to put a short explanatory comment (possibility of non NULL-terminated sun_path and unreliable length returned by syscalls).
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue8372>
_______________________________________
More information about the Python-bugs-list
mailing list