https://www.theregister.co.uk/2018/04/04/microsoft_windows_defender_rar_bug/
A remote-code execution vulnerability in Windows Defender – a flaw that can be exploited by malicious .rar files to run malware on PCs – has been traced back to an open-source archiving tool Microsoft adopted for its own use.
[...] Apparently, Microsoft forked that version of unrar and incorporated the component into its operating system's antivirus engine. That forked code was then modified so that all signed integer variables were converted to unsigned variables, causing knock-on problems with mathematical comparisons. This in turn left the software vulnerable to memory corruption errors, which can crash the antivirus package or allow malicious code to potentially execute.
(Score: 1) by anubi on Tuesday April 10 2018, @07:14AM (1 child)
Those are excellent points.
To me, the C++ is more like the English language... it has a few quite illogical exceptions, but I can use it to communicate to others. Its the most effective communications thing I have.
Gotta admit I would hate to lay out a web page in C++.
I do mostly embedded, so C++ for the big stuff and assembler for bit-banging the hardware driver.
I was programming Fortran 77 before, and really fell in love with C++ structures.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 2) by PiMuNu on Tuesday April 10 2018, @08:46AM
It's a nice analogy...