[pypy-dev] [pypy-svn] r45269 - in pypy/dist/pypy/rpython/module: . tes
Maciek Fijalkowski
fijal at genesilico.pl
Wed Jul 25 09:17:03 CEST 2007
Christian Tismer wrote:
>
> On 24.07.2007, at 18:08, Armin Rigo wrote:
>
>> Hi Fijal,
>>
>> On Mon, Jul 23, 2007 at 02:38:32PM +0200, Maciek Fijalkowski wrote:
>>> The length of the arrays in a struct utsname is unspecified; the
>>> fields
>>> are terminated by a null byte (?????? ???).
>>>
>>> I'm completely confused.
>>
>> It means that the structure looks like this in lltype notation:
>>
>> Struct('utsname', ('text1', FixedSizeArray(Char, 10)),
>> ('text2', FixedSizeArray(Char, 20)),
>> ...)
>>
>> where, annoyingly, the numbers '10' and '20' are platform-dependent and
>> must be obtained by trying to compile snippets of C code using sizeof()
>> and offsetof().
>>
>> Or are you confused about the bit saying that the fields are
>> zero-terminated? It just means that in the array, characters 0 to N-1
>> are non-null, charater N is null, and the rest of the characters are
>> undefined.
>
> Which reminds us to implement this carefully and not to rely on the
> terminating byte, or we will open the door to buffer overflow exploits :-)
>
> ciao - chris
>
I personally don't think that implementation of uname() might be a
security hazard - if kernel really wants to hack us it can for sure :]
Cheers,
fijal
:.
More information about the Pypy-dev
mailing list