[OffTopic] A vulnerability postmortem on Network Security Services
Imperatorn
johan_forsberg_86 at hotmail.com
Thu Dec 2 23:20:37 UTC 2021
On Thursday, 2 December 2021 at 12:15:38 UTC, Johan wrote:
> On Thursday, 2 December 2021 at 11:01:07 UTC, Imperatorn wrote:
>> On Thursday, 2 December 2021 at 08:09:18 UTC, Paulo Pinto
>> wrote:
>>> [...]
>>
>> Bottom line:
>> Use D instead of C 😎
>
> Sorry to rain on the party here, but D is of course not at all
> immune to this problem.
> It was not hard to find out-of-bounds memory access in the D
> compiler, using the fuzz techniques mentioned in the article.
>
> https://johanengelen.github.io/ldc/2018/01/14/Fuzzing-with-LDC.html
> https://github.com/dlang/dmd/pull/7050
>
> Note the discussion of bounds checking in the PR...
>
> -Johan
Agreed, it was more of a "C sux" comment (I use it at work = have
seen the horrors).
Anyway, D is still better than C 😊
More information about the Digitalmars-d
mailing list