> The OpenBSD team states that they consider that the vulnerability would be exploitable if there weren't severe privilege separation and pledge involved.
Yay!
I love the fast turnaround time from the report to the release of the patch.
Function is such a mess. Even C++ would clean this right up, and then you'd actually be able to read it. I'm not even going to claim this is beautiful or flawless or whatever, but to me this kind of C++ is head and shoulders above the C code in the article in terms of readability.
I wonder if the OpenBSD team would be open to Go or Rust implementations?
Wow! that's a hardcore patch.
expectation: signed vs unsigned overflow... probably a one line diff.
openbsd: ehhh... do we really need dnssl? lets tear the whole thing out.
https://ftp.openbsd.org/pub/OpenBSD/patches/7.0/common/017_s...
Honestly, I like their attitude when it comes to deleting code.