nobu / ruby-lang.org wrote:
>   https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=62991
> 
>   Log:
>     unixsocket.c: check NUL bytes

This breaks abstract namespace sockets on Linux.  Log below.

>     * ext/socket/unixsocket.c (rsock_init_unixsock): check NUL bytes.
>       https://hackerone.com/reports/302997

Is there a way to read these reports w/o JavaScript?
Ironically, JS has too many security problems associated with it.


  1) Failure:
TestSocket_UNIXSocket#test_abstract_unix_socket_econnrefused [$SRC/ruby/test/socket/test_unix.rb:661]:
[Errno::ECONNREFUSED] exception expected, not.
Class: <ArgumentError>
Message: <"path name contains null byte">
---Backtrace---
$SRC/ruby/test/socket/test_unix.rb:662:in `initialize'
$SRC/ruby/test/socket/test_unix.rb:662:in `open'
$SRC/ruby/test/socket/test_unix.rb:662:in `block in test_abstract_unix_socket_econnrefused'
$SRC/ruby/test/lib/test/unit/assertions.rb:74:in `assert_raise'
$SRC/ruby/test/socket/test_unix.rb:661:in `test_abstract_unix_socket_econnrefused'
$SRC/ruby/test/lib/test/unit.rb:1168:in `run_test'
---------------

  2) Error:
TestSocket_UNIXSocket#test_abstract_unix_server:
ArgumentError: path name contains null byte
    $SRC/ruby/test/socket/test_unix.rb:643:in `initialize'
    $SRC/ruby/test/socket/test_unix.rb:643:in `open'
    $SRC/ruby/test/socket/test_unix.rb:643:in `test_abstract_unix_server'

Unsubscribe: <mailto:ruby-core-request / ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>