Who also guesses buffer overflow or use-after-free?
this post was submitted on 04 Oct 2023
68 points (97.2% liked)
Programming
16977 readers
241 users here now
Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!
Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.
Hope you enjoy the instance!
Rules
Rules
- Follow the programming.dev instance rules
- Keep content related to programming in some way
- If you're posting long videos try to add in some form of tldr for those who don't want to watch videos
Wormhole
Follow the wormhole through a path of communities !webdev@programming.dev
founded 1 year ago
MODERATORS
Buffer overflows are like Lupus in House M.D.
It’s not overflow. It’s never overflow.
Why don't they just rewrite it in rust? It would be much safer right?
I think that's been asked before. That'd be a massive undertaking, and they also support architectures that I don't think Rust does (yet).
You can already use experimental hyper backend (written in rust) for http stuff in curl https://aws.amazon.com/blogs/opensource/how-using-hyper-in-curl-can-help-make-the-internet-safer/ I wonder if the vulnerability touches this use case as well
Perfect article for my question. Appreciated.
I want to thank the curl developers for taking security issues seriously to keep me safe.
Now I'm going to go pipe another curl script output directly into a sudo bash command. /s
We need a version of /s for "I'm not actually doing this right now... but we know I still will..."