Even worse (was Re: Google Code Search)
Marvin Humphrey
marvin at rectangular.com
Fri Oct 6 15:24:33 BST 2006
On Oct 6, 2006, at 6:57 AM, Andy Armstrong wrote:
> Are you saying /any/ use of gets() is bad? Most of the examples I
> read on the first two pages don't seem to present much in the way
> of risk.
No, though the manpage does say just that. :) The point was more
general: maybe the search tool can be used to uncover potential
vulnerabilities. If not with gets(), maybe with something else in
the future.
Marvin Humphrey
Rectangular Research
http://www.rectangular.com/
More information about the london.pm
mailing list