Even worse (was Re: Google Code Search)

Marvin Humphrey marvin at rectangular.com
Fri Oct 6 15:24:33 BST 2006

On Oct 6, 2006, at 6:57 AM, Andy Armstrong wrote:

> Are you saying /any/ use of gets() is bad? Most of the examples I  
> read on the first two pages don't seem to present much in the way  
> of risk.

No, though the manpage does say just that.  :)  The point was more  
general: maybe the search tool can be used to uncover potential  
vulnerabilities.  If not with gets(), maybe with something else in  
the future.

Marvin Humphrey
Rectangular Research

More information about the london.pm mailing list