Daniel,

On Sun, Feb 19, 2012 at 1:22 AM, Daniel Zulla
<daniel.zu...@googlemail.com> wrote:
> Andres,
>
> Interesting, have you reported a bug to python.org? Maybe submit a
> patch? I think that these things, even if they affect w3af, they
> should be fixed at the python level. If we find one of these that's
> really important and affects w3af with a code execution then we should
> fix it, keep looking if you have some time :)
>
>
> Yep, I created a bug report and a little patch.
> I always hated it that the value of urlparse.ParseResult().port was
> unpredictable, so I provided a patch that returns the default port for
> either http or https.
> Let's see if they will accept it.

Nice, keep us posted

> Why should we be afraid of bugs like these? At most there are very
> very strange cases in which w3af will crash (from my point of view at
> least).
>
>
> If we will do something with C/C++ Bindings, I'm concerned about stuff like
> that. In Python, it's just another exception that may appear, or may not
> appear. Who cares. As you said: It's really rare, in w3af.
>
> But with C/C++ bindings, there is zero tolerance for unpredictable data.
> That's why I'm trying to figure out how to catch such stuff.

Let's hope we never need to do anything in C/C++ !

> Cheers,
> Daniel



-- 
Andrés Riancho
Director of Web Security at Rapid7 LLC
Founder at Bonsai Information Security
Project Leader at w3af
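
An added example, not part of the original message and not code from w3af or CPython: one way to get a predictable port out of a parsed URL before the value reaches code that cannot tolerate unexpected data, as discussed in the thread above. It assumes Python 3's urllib.parse (the successor of the urlparse module named above); effective_port and DEFAULT_PORTS are hypothetical names, and the URLs in the comments and tests are constructed.

```python
from urllib.parse import urlsplit

# Default ports for the two schemes mentioned in the thread.
DEFAULT_PORTS = {"http": 80, "https": 443}


def effective_port(url):
    """Return an int port in 1..65535 for an http(s) URL, or raise ValueError.

    The caller always gets either a usable integer or one exception type,
    never None and never an out-of-range number.
    """
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS:
        raise ValueError("unsupported scheme: %r" % parts.scheme)
    if not parts.hostname:
        raise ValueError("URL has no host: %r" % url)

    # In Python 3.6+ the .port property raises ValueError for a
    # non-numeric or out-of-range port, and returns None when the
    # URL carries no port at all.
    port = parts.port
    if port is None:
        return DEFAULT_PORTS[scheme]
    if port == 0:
        # 0 passes the parser's range check but is not a connectable port.
        raise ValueError("port 0 is not usable: %r" % url)
    return port


def is_rejected(url):
    """True when effective_port() refuses the URL (constructed inputs only)."""
    try:
        effective_port(url)
    except ValueError:
        return True
    return False
```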

_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
