Y
Hacker News
new
|
ask
|
show
|
jobs
by
angusp
3458 days ago
It's a well known C pattern that you should never trust a user supplied format string, E.g. printf(arg) vs printf("%s", arg). The same applies here