when a CVE is discovered that is caused by a structural issue, after the first hotfix is issued new CVEs will keep popping up immediately after until the structural issue is fixed.
Yes, log4j is currently very instructive when it comes to format string parsing and interpretation.
But I'd posit that NULL dereference or off-by-one errors in C are structural issues in every C and C++ programme that we are trained not to see
the amount of times i've talked to a C programmer who was convinced they would never make such mistakes and it's all those other C programmers who produce all these bugs
fuchsiaaaaaaaaaaaaaaaaa
misinfo but kinda true
@meena oops lol I totally read over the image
misinfo but kinda true
@f0x did you just tell my own joke back to me? :P