A serious security bug... caused by no bounds checking.
w0rp
devw0rp at gmail.com
Wed Apr 9 23:51:40 PDT 2014
On Wednesday, 9 April 2014 at 12:36:49 UTC, Marco Leise wrote:
> Sorry, but wasn't this security risk instead caused by
> uninitialized memory, and shouldn't you instead have said:
>
> "I'm glad to be using a language with default initialization?"
Nope, it was caused by missing bounds checking.
https://www.openssl.org/news/secadv_20140407.txt
> A missing bounds check [...]
More information about the Digitalmars-d
mailing list