Here's one for the #langsec crowd. CloudFlare used a parser generator named Ragel, they didn't parse manually.
Bug was in generated code.
-
-
Replying to @andreasdotorg
@daveaitel The bug was apparently in misuse of the code generatorshttps://www.reddit.com/r/programming/comments/5vtv16/comment/de5ctmc?st=IZJY5ERL&sh=596ea38f …1 reply 2 retweets 3 likes
Replying to @zmanian @daveaitel
The code generator allowed misuse to be exploitable.
7:09 AM - 24 Feb 2017
0 replies
0 retweets
3 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.