[Python-Dev] Python Remote Code Execution in socket.recvfrom_into()

Terry Reedy tjreedy at udel.edu
Tue Feb 25 21:13:33 CET 2014

On 2/25/2014 8:32 AM, Chris Angelico wrote:
> On Wed, Feb 26, 2014 at 12:21 AM, Donald Stufft <donald at stufft.io> wrote:
>> Instead of pre-generating one set of values that can be be used to DoS things
>> you have to pre-generate 256 sets of values and try them until you get the
>> right one. It’s like putting on armor made of paper and saying it’s harder to
>> stab you now.
> Paper armor? You mean the stuff they tested here?
> http://www.imdb.com/title/tt1980597/

OT, but I just watched that Mythbusters episode and they confirmed that 
on a weight basis, paper armor from multiple folded sheets was 
comparable to steel. They have also shown that phonebooks stop ordinary 

Terry Jan Reedy

