The future isn't evenly distributed. I recently discovered an actively developed software project that had a ton of helper functions based on the design of `gets` with the same vulnerability. Surprisingly not all C/C++ developers have learned yet to recoil in horror at seeing a buffer pointer being passed around without a length. (C++'s std::span was very convenient for fixing the issue by letting the buffer pointer and length be kept together, exactly like Go and Rust slices.)
alt Hacker News
The future isn't evenly distributed. I recently discovered an actively developed software project that had a ton of helper functions based on the design of `gets` with the same vulnerability. Surprisingly not all C/C++ developers have learned yet to recoil in horror at seeing a buffer pointer being passed around without a length. (C++'s std::span was very convenient for fixing the issue by letting the buffer pointer and length be kept together, exactly like Go and Rust slices.)