Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
daurnimator
on Jan 21, 2016
|
parent
|
context
|
favorite
| on:
Scandalous Weird Old Things About the C Preprocess...
Watch out for running `strings` on untrusted input!
See e.g.
https://lcamtuf.blogspot.com.au/2014/10/psa-dont-run-strings...
kayamon
on Jan 22, 2016
|
next
[–]
This makes me sad. Literally the whole point of 'strings' is for poking around in unknown files, and they managed to break even that.
AstralStorm
on Jan 22, 2016
|
prev
[–]
Instead, do it like a pro and run it from a live CD or a throwaway VM. Any work on untrusted code should be done in an trust-reduced environment.
Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
See e.g. https://lcamtuf.blogspot.com.au/2014/10/psa-dont-run-strings...