https://daniel.haxx.se/blog/2023/10/11/how-i-made-a-heap-overflow-in-curl/
<![endif] daniel.haxx.se Search Primary Menu Skip to content About Contact Privacy Search for: #masthead cURL and libcurl October 11, 2023 Daniel Stenberg 8 Comments .entry-meta .entry-header In association with the release of curl 8.4.0 , we publish a security advisory and all the details for CVE-2023-38545 . This problem is the worst security problem found in curl in a long time. We set it to severity HIGH . While the advisory contains all the necessary details. I figured I would use a few additional words and expand the explanations for anyone who cares to understand how this flaw works and how it happened. curl has supported SOCKS5 since August 2002 . SOCKS5 is a proxy protocol. It is a rather simple protocol for setting up network communication via a dedicated “middle man”. The protocol is for example typically used when sett...
do you think www.aws.org runs on aws?
For those inter st in the finest writing of all time https://www-allure-com.cdn.ampproject.org/v/s/www.allure.com/story/best-sex-tip-by-zodiac-sign/amp?amp_gsa=1&_js_v=a6&usqp=mq331AQKKAFQArABIIACAw%3D%3D#amp_tf=From%20%251%24s&aoh=16392879347932&referrer=https%3A%2F%2Fwww.google.com&share=https%3A%2F%2Fwww.allure.com%2Fstory%2Fbest-sex-tip-by-zodiac-sign
<![endif] daniel.haxx.se Search Primary Menu Skip to content About Contact Search for: #masthead cURL and libcurl , Development , Open Source March 27, 2017 Daniel Stenberg 18 Comments .entry-meta .entry-header Every once in a while someone suggests to me that curl and libcurl would do better if rewritten in a “safe language”. Rust is one such alternative language commonly suggested. This happens especially often when we publish new security vulnerabilities. (Update: I think Rust is a fine language! This post and my stance here has nothing to do with what I think about Rust or other languages, safe or not.) The curl code guidelines mandate that we stick to using C89 for any code to be accepted into the repository. C89 (sometimes also called C90) – the oldest possible ANSI C standard. Ancient and conservative. This fact has made it po...
<![endif] daniel.haxx.se Search Primary Menu Skip to content About Contact Search for: #masthead cURL and libcurl , Network October 11, 2016 Daniel Stenberg Leave a comment .entry-meta .entry-header When Mac OS X first launched they did so without an existing poll function. They later added poll() in Mac OS X 10.3, but we quickly discovered that it was broken (it returned a non-zero value when asked to wait for nothing) so in the curl project we added a check in configure for that and subsequently avoided using poll() in all OS X versions to and including Mac OS 10.8 (Darwin 12). The code would instead switch to the alternative solution based on select() for these platforms. With the release of Mac OS X 10.9 “Mavericks” in October 2013, Apple had fixed their poll() implementation and we’ve built libcurl to use it since with no issues at...