Heartbleed is caused by an unchecked memcpy. In particular the size of the memory chunk to be copied is retrieved from a client request and and is not checked

On 9 April 2014 10:15, Vasili I. Galchin <vigalchin@gmail.com> wrote:

http://heartbleed.com/

Ok .. I just scanned this .. but is this problem a "logic" bug in the OpenSSL C/C++ code or is a type correctness issue?

Thanks,

Vasili

_______________________________________________
Haskell-Cafe mailing list
Haskell-Cafe@haskell.org
http://www.haskell.org/mailman/listinfo/haskell-cafe