29
How I made a heap overflow in curl | daniel.haxx.se (daniel.haxx.se)
submitted 1 year ago by redd@discuss.tchncs.de to c/cybersecurity@sh.itjust.works
4 comments fedilink hide all child comments
top 4 comments
sorted by: hot top controversial new old
[-] originalucifer@moist.catsweat.com 20 points 1 year ago

In hindsight, shipping a heap overflow in code installed in over twenty billion instances is not an experience I would recommend.

ouch

[-] Potatos_are_not_friends@lemmy.world 3 points 1 year ago

I can't even imagine that feeling.

My internal lib was used in 1000 different places in my company and I had a panic attack when I found a minor error. But this is a new level of fear.

[-] rbos@lemmy.ca 8 points 1 year ago

Respect.

[-] elmicha@feddit.de 4 points 1 year ago

TLDR: it only matters to you if you use curl/libcurl to contact an untrustworthy host via SOCKS5 proxy.

this post was submitted on 11 Oct 2023
29 points (96.8% liked)

Cybersecurity

5687 readers
14 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago
MODERATORS
kid@sh.itjust.works
Lanky_Pomegranate530@midwest.social