[Cryptography] Use Linux for its security
Dave Horsfall
dave at horsfall.org
Fri Sep 30 02:50:55 EDT 2016
On Wed, 28 Sep 2016, Ray Dillinger wrote:
> I checked in a code patch in an opensource project shutting down a
> possible buffer overrun attack where somebody was doing an unchecked
> read-line from a config file into a fixed-size stack buffer.
Please don't say that it was the stack-clobbering gets()... Last I
looked, it will no longer be part of POSIX.
--
Dave Horsfall DTM (VK2KFU) "Those who don't understand security will suffer."
More information about the cryptography
mailing list