• Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

One for the fanbois

Collapse
X
  •  
  • Filter
  • Time
  • Show
Clear All
new posts

    One for the fanbois

    Apple’s #gotofail SSL Security Bug was Easily Preventable « Barr Code

    Ooooops.

    Excellent use of the GOTO though.

    I haven't written code like that since FORTRAN 77 came along.
    Last edited by zeitghost; 6 March 2014, 10:35.

    #2
    Originally posted by zeitghost View Post
    Apple’s #gotofail SSL Security Bug was Easily Preventable « Barr Code

    Ooooops.

    Excellent use of the GOTO though.

    I haven't written code like that since FORTRAN 77 came along.
    Oh dear. I hope the rest of their software QA is better than that.

    Comment


      #3
      Doh! That's clearly never even been stepped through once.

      And people will still tell you Apple are somehow superior and more secure.
      Will work inside IR35. Or for food.

      Comment


        #4
        It's not really for the fanbois. Most of them won't know what SSL is.
        Down with racism. Long live miscegenation!

        Comment


          #5
          Originally posted by NotAllThere View Post
          It's not really for the fanbois. Most of them won't know what SSL is.
          surely the apple version is iSsl?
          While you're waiting, read the free novel we sent you. It's a Spanish story about a guy named 'Manual.'

          Comment


            #6

            Comment


              #7
              Originally posted by zeitghost View Post
              Apple’s #gotofail SSL Security Bug was Easily Preventable « Barr Code

              Ooooops.

              Excellent use of the GOTO though.

              I haven't written code like that since FORTRAN 77 came along.
              Excellent indeed.

              The code above violates at least two rules from Barr Group‘s Embedded C Coding Standard book
              Screams of laughter. Don't need no steenkeeng book to tell us that the code is crud.

              Go on, have a look yourself. I counted 47 'goto fail' statements in the source file sslKeyExchange.c

              Non-Apple users shouldn't be too smug at this point...

              Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping

              This GnuTLS bug is worse than the big Apple "goto fail" bug patched last week.
              New Plan B: Tin foil hats.
              Last edited by Sysman; 6 March 2014, 22:09.
              Behold the warranty -- the bold print giveth and the fine print taketh away.

              Comment

              Working...
              X