Oh thanks, that at least gives some idea of the potential. I see e.g. "HTTP/2 tr... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		dataflow on Oct 9, 2020 \| parent \| context \| favorite \| on: Memory safe ‘curl’ for a more secure internet Oh thanks, that at least gives some idea of the potential. I see e.g. "HTTP/2 trailer out-of-bounds read" and "SSL out of buffer access"... I guess there might be some candidates.

pjmlp on Oct 9, 2020 [–]

If you start from when Morris worm got released into UNIX world, there will be plenty to chose from.

asveikau on Oct 10, 2020 | [–]

Quite a bit broader than "libcurl's HTTP/HTTPS handling", though.

Which it sounds like the answer is nonzero. But significantly smaller than "every C bug since 1988".

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact