Here's one for the #langsec crowd. CloudFlare used a parser generator named Ragel, they didn't parse manually.
Bug was in generated code.
-
-
Ragel has backends other than C and doesn't provide memory safety if you choose to use a memory unsafe backend for it.
-
It's not really a parser generator either. It's an extended take on regular expressions and you need custom code to do more.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.