Re: OT: Half of curl’s vulnerabilities are C *programmer* mistakes

Nice, but "C mistakes" IMO must be written as "C programmer mistakes". Fundamentally, there is nothing wrong with C just like there is nothing wrong with a plug with live wires and a big warning sign with skulls. Does anyone read signs any more? Does anyone bother to read anything any more? Bonus comment: @Alexander: I suppose that just then means that we’re not as good developers as you are. Java tried to be safe and look where's ended. They went back to the type-cast but with @SuppessWarnings in order to show to your peers you know what you are doing. Ok I will also get a type-cast license from my local Java bureau.</c>.

Rant not against you obviously, I actually quite enjoyed the external modules caveats you posted.

bw, bliako

Comment on Re: OT: Half of curl’s vulnerabilities are C programmer mistakes Select or Download Code

Replies are listed 'Best First'.
Re^2: OT: Half of curl’s vulnerabilities are C programmer mistakes by parv (Parson) on Mar 10, 2021 at 12:03 UTC
I am only but a messenger who has developed an interest in computer security lately & has much (seems infinite) to learn. As such when I find something (which could be) of interest (here) from fire hose of reports\|articles etc, then dump^Wmake a note here.	[reply]
Re^3: OT: Half of curl’s vulnerabilities are C programmer mistakes by bliako (Abbot) on Mar 10, 2021 at 12:21 UTC
most welcome, thanks parv	[reply]