|
|
|
|
|
|
by firebacon
2478 days ago
|
|
|
> This depends, obviously, on the code calling allocatebufs That was my point. The article claims to introduce a backdoor with the tiny change in the second example, i.e. "commit the change from the second example an you're in". But that just isn't true without assuming some other vulnerable code at the callsite. And arguably, the assumed bug is a bug of the assumed callsite and not a bug of the allocatebufs method! "See how easy it is to introduce a backdoor into C code which just one small change that looks completely harmless" might generally be true (debatable), but claiming that the change shown in the article (on it's own) is an example of this is incorrect and looks a bit like fearmongering. |
|
|