Eight new use-after-free bugs introduced into Safari in the last 12 months. Chrome and Edge use garbage collection in C++ to eliminate a large proportion of these security issues, but Safari is still adding them. https://twitter.com/ProjectZeroBugs/status/1047889297049714688
For some reason this fuzzer doesn't find a lot of UaF bugs in Firefox though. Of the 4 found originally only one was a UaF. https://googleprojectzero.blogspot.com/2017/09/the-great-dom-fuzz-off-of-2017.html
I’m told there are a lot of static analyses to prevent UAF called by reentrant JS.