[Python-Dev] Python Remote Code Execution in socket.recvfrom_into()

Antoine Pitrou solipsis at pitrou.net
Tue Feb 25 14:17:28 CET 2014

Previous message: [Python-Dev] Python Remote Code Execution in socket.recvfrom_into()
Next message: [Python-Dev] Python Remote Code Execution in socket.recvfrom_into()
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 25 Feb 2014 08:08:09 -0500
Donald Stufft <donald at stufft.io> wrote:
> 
> Hash randomization is broken and doesn’t fix anything.

Not sure what you mean with "doesn't fix anything". Hash collisions were
easy to exploit pre-hash randomization, they doesn't seem as easy to
exploit with it.

Regards

Antoine.

Previous message: [Python-Dev] Python Remote Code Execution in socket.recvfrom_into()
Next message: [Python-Dev] Python Remote Code Execution in socket.recvfrom_into()
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Python-Dev mailing list