You missed the point. The code purported to be vulnerable is not slow because of... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		mmastrac 10 months ago \| parent \| context \| favorite \| on: Buffer Overflow Risk in Curl_inet_ntop and Inet_nt... You missed the point. The code purported to be vulnerable is not slow because of the length of the string. The "example exploit" is slow because the reports use slow methods to construct the string under test. When timing the affected methods, they are _not_ slow.

minitech 10 months ago [–]

Well, you didn’t link to that example exploit, and a random sampling from their profile looked legitimate. Do you have the specific link?

Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact