49 points | by nateb2022 4 days ago ago
3 comments
OpenBSD has removed the format specifier that makes this possible, for hopefully obvious reasons.
Was the thought process: "Anything involving C string handling is fundamentally security hostile, lets fix it by breaking %n!"
Discussion at the time (181 points, 39 comments) https://news.ycombinator.com/item?id=7389623
OpenBSD has removed the format specifier that makes this possible, for hopefully obvious reasons.
Was the thought process: "Anything involving C string handling is fundamentally security hostile, lets fix it by breaking %n!"
Discussion at the time (181 points, 39 comments) https://news.ycombinator.com/item?id=7389623