How I made a heap overflow in curl | daniel.haxx.se (daniel.haxx.se)
from redd@discuss.tchncs.de to cybersecurity@sh.itjust.works on 11 Oct 2023 07:49
https://discuss.tchncs.de/post/4564625

#cybersecurity

threaded - newest

originalucifer@moist.catsweat.com on 11 Oct 2023 08:10 next collapse

In hindsight, shipping a heap overflow in code installed in over twenty billion instances is not an experience I would recommend.

ouch

Potatos_are_not_friends@lemmy.world on 11 Oct 2023 15:04 collapse

I can’t even imagine that feeling.

My internal lib was used in 1000 different places in my company and I had a panic attack when I found a minor error. But this is a new level of fear.

rbos@lemmy.ca on 11 Oct 2023 10:11 next collapse

Respect.

elmicha@feddit.de on 11 Oct 2023 12:43 collapse

TLDR: it only matters to you if you use curl/libcurl to contact an untrustworthy host via SOCKS5 proxy.