:: Re: [DNG] Systemd Shims
Forside
Slet denne besked
Besvar denne besked
Skribent: Rainer Weikusat
Dato:  
Til: dng
Emne: Re: [DNG] Systemd Shims
Edward Bartolo <edbarx@???> writes:
> I am not assuming anything and understand the risks of buffer
> overflows. The first step I am taking is to make the code function.
> The second step is further debug it until it behaves properly and the
> third step is to correct any potential security issues.


Realistically, the first step is 'make the code function', the second
step is 'graduate from university based on your thesis' and the 3rd was
called 'heartbleed', IOW, that's not going to happen in this way. If
you're doing string processing in C, try to do it correctly from the
start. That's much easier than retrofitting proper length/ size handling onto
some working code.