Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic
 
PerlMonks  

OT: Half of curl’s vulnerabilities are C mistakes

by parv (Parson)
on Mar 09, 2021 at 23:13 UTC ( [id://11129385]=perlnews: print w/replies, xml ) Need Help??

In [Half] of curl’s vulnerabilities are C mistakes, Daniel S, author, analyzes number of vulnerabilities due to memory handling in C.

Replies are listed 'Best First'.
Re: OT: Half of curl’s vulnerabilities are C *programmer* mistakes
by bliako (Monsignor) on Mar 10, 2021 at 10:02 UTC

    Nice, but "C mistakes" IMO must be written as "C programmer mistakes". Fundamentally, there is nothing wrong with C just like there is nothing wrong with a plug with live wires and a big warning sign with skulls. Does anyone read signs any more? Does anyone bother to read anything any more? Bonus comment: @Alexander: I suppose that just then means that we’re not as good developers as you are. Java tried to be safe and look where's ended. They went back to the type-cast but with @SuppessWarnings in order to show to your peers you know what you are doing. Ok I will also get a type-cast license from my local Java bureau.</c>.

    Rant not against you obviously, I actually quite enjoyed the external modules caveats you posted.

    bw, bliako

      I am only but a messenger who has developed an interest in computer security lately & has much (seems infinite) to learn. As such when I find something (which could be) of interest (here) from fire hose of reports|articles etc, then dump^Wmake a note here.

        most welcome, thanks parv

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlnews [id://11129385]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others about the Monastery: (5)
As of 2024-03-29 01:01 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found