
Somewhere someone is finding a way to make this a buffer overflow. Wonder how long this will take to get fixed. I totally forgot about Twitter's in-band and SMS features until now.



It is likely a Scala program running, no buffer overflows to be found. In a modern language, you have to be very careless to allow RCE.


Buffer overflow is not the only way to get an RCE.

String manipulation and 'eval' (which gives access to system APIs) is a common culprit.


Using eval is gratuitous carelessness. At least a buffer overflow can be a mistake.


Is anything like eval commonly used in Scala? That language is static as all get-out.


I've started seeing (and occasionally using) util-eval as a configuration language for Scala, but it's generally pretty rare.



