Y
Hacker News
new
|
ask
|
show
|
jobs
by
pjmlp
2037 days ago
It is impossible to be safe if size is a function argument that cannot be validated without hardware support.
1 comments
saagarjha
2037 days ago
My definition of safety likely differs from yours.
link
pjmlp
2037 days ago
My definition of safety means having a size greater than the actual string doesn't turn an innocent looking call into a CVE database entry.
I bet the security industry agrees with my definition.
link