|
|
|
|
|
|
by thaumasiotes
1300 days ago
|
|
|
> It's close to impossible to get this wrong and I don't see how the fact that it's a parser would make it any more dangerous. I can answer that one. The parser is more dangerous because a parser, essentially by definition, takes untrusted input. Nothing the parser does is any more dangerous than the rest of the code; it's all about the parser's position in the data flow. |
|
|