Steven D'Aprano <steve+comp.lang.pyt...@pearwood.info> writes: > Here's the one-liner: > > python -c 'import socket;y="0"*50000000;socket.gethostbyname(y)' > > > I think it is likely that y="0"*50000000 would segfault due to lack of > memory on many machines. I wouldn't trust this as a test.
Hmm, how much RAM does that one-liner actually need? My router has 128 MB total RAM with about 90 MB free. So it can store the string once but if it's copied with the gethostbyname call then it'll run out... According to a Reddit thread (http://www.reddit.com/r/Python/comments/2u7ghu/python_socketgethostbyname_is_not_affected_by/) Python's socket.gethostbyname() doesn't actually even call the gethostbyname function in glibc, it uses the newer getaddrinfo instead. So it's a little unlikely to cause a segfault because of the Ghost vuln :) Anyways, here's an example calling gethostbyname directly in python: from ctypes import CDLL o = CDLL('libc.so.6') for i in range(0, 2500): o.gethostbyname('0'*i) I don't have a vulnerable system to test on any more though. -- https://mail.python.org/mailman/listinfo/python-list
