> The vulnerability was fixed [...] by adding size checks for the name and value lengths.
Would it make sense in this case to review the entire codebase for valid size checks? Genuinely curious. Not interested in debating one language VS another this time, merely, the best practices for the language specific to this codebase.
Would it make sense in this case to review the entire codebase for valid size checks? Genuinely curious. Not interested in debating one language VS another this time, merely, the best practices for the language specific to this codebase.