On Wednesday, 9 April 2014 at 12:36:49 UTC, Marco Leise wrote:
Sorry, but wasn't this security risk instead caused by uninitialized memory, and shouldn't you instead have said:"I'm glad to be using a language with default initialization?"
Nope, it was caused by missing bounds checking. https://www.openssl.org/news/secadv_20140407.txt
A missing bounds check [...]
