|
|
|
|
|
|
by ky3
121 days ago
|
|
|
Wouldn't attention to getenv() calls yield more benefit? Such calls are where input typically isn't parsed--because parsing is "hard"--becoming targets for exploit. The present fix is to sanitize user input. Does it cover all cases? |
|
|