We recently received a security report about unsafe usages. Whilst there's not always a safe alternative available (especially cross-platform) we can still have a check and ensure we have best-effort implementations for:
input validation
buffer management
return values are in proper format (e.g. null-terminated strings)
Detailed report:
Format String Vulnerabilities
Buffer Overflow Vulnerabilities
Buffer Overflow Danger Functions