Frama-C news and ideas

To content | To menu | To search | Frama-C Home

Nginx buffer overflow

A buffer overflow has been discovered in recent versions of the HTTP server Nginx.

Hacker News user jmnicolas pondered out loud: “I wonder if this discovery is a result of OpenBSD switching its focus from Apache to Nginx?”

It took me one minute to understand what ey meant. I was actually wondering why OpenBSD would be putting buffer overflows in Nginx, now that they are done putting buffer overflows in Apache. I mean, surely there is room for one more buffer overflow in Apache?

The analysis of what this means about this industry and/or me is left as an exercise to the reader.


1. On Wednesday, March 19 2014, 10:36 by Franky

OpenBSD is just adding manual fuzz-testing by end-users (which is a good thing apart from "manual" and "end-user" ;))