Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw

OT: Half of curl’s vulnerabilities are C mistakes

by parv (Vicar)
on Mar 09, 2021 at 23:13 UTC ( #11129385=perlnews: print w/replies, xml ) Need Help??

In [Half] of curl’s vulnerabilities are C mistakes, Daniel S, author, analyzes number of vulnerabilities due to memory handling in C.

  • Comment on OT: Half of curl’s vulnerabilities are C mistakes

Replies are listed 'Best First'.
Re: OT: Half of curl’s vulnerabilities are C *programmer* mistakes
by bliako (Monsignor) on Mar 10, 2021 at 10:02 UTC

    Nice, but "C mistakes" IMO must be written as "C programmer mistakes". Fundamentally, there is nothing wrong with C just like there is nothing wrong with a plug with live wires and a big warning sign with skulls. Does anyone read signs any more? Does anyone bother to read anything any more? Bonus comment: @Alexander: I suppose that just then means that we’re not as good developers as you are. Java tried to be safe and look where's ended. They went back to the type-cast but with @SuppessWarnings in order to show to your peers you know what you are doing. Ok I will also get a type-cast license from my local Java bureau.</c>.

    Rant not against you obviously, I actually quite enjoyed the external modules caveats you posted.

    bw, bliako

      I am only but a messenger who has developed an interest in computer security lately & has much (seems infinite) to learn. As such when I find something (which could be) of interest (here) from fire hose of reports|articles etc, then dump^Wmake a note here.

        most welcome, thanks parv

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlnews [id://11129385]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others cooling their heels in the Monastery: (8)
As of 2022-12-07 15:44 GMT
Find Nodes?
    Voting Booth?

    No recent polls found