• shadowintheday2@lemmy.world
    link
    fedilink
    English
    arrow-up
    60
    arrow-down
    1
    ·
    1 year ago

    "A qsort vulnerability is due to a missing bounds check and can lead to memory corruption. It has been present in all versions of glibc since 1992. "

    This one amazes me. Imagine how many vulnerabilities future researchers will discover in ancient software that persisted/persist for decades.

    • xlash123@sh.itjust.works
      link
      fedilink
      arrow-up
      22
      arrow-down
      1
      ·
      1 year ago

      C is just crazy. You accidentally forget to put the bounds in a sorting function, and now you are root.

    • kaputt@sh.itjust.works
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      According to the link in the article, the qsort() bug can only be triggered with a non-transitive cmp() function. Would such a cmp function ever be useful?

      • Giooschi@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        You don’t necessarily have to write a non-transitive cmp() function willingly, it may happen that you write one without realizing due to some edge cases where it’s not transitive.