Mastodon Feed
Boosted by soatok@furry.engineer ("Soatok Dreamseeker"):
tekhedd@byteheaven.net wrote:
@rusty__shackleford @soatok ROFLSTOMP!
The documentation clearly states that if the user supplies a string longer than MAX_PASSWORD_LEN, the buffers will overwrite system memory with the contents of the password, allowing remote shell access. This is not a bug, and changing it would mean I would have to write code. Plus I already wrote the docs.