You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Issue #9 was closed, but the undefined behavior was not addressed. There is a clear lack of programmer discipline here. Your program only does what you think it does on a few specific hardware/OS/compiler/library combinations, and it does not prove that printf is Turing complete. To prove printf is TC, you would have to find a security hole within the standard itself that allows for an ACE exploit, not a bug in a specific implementation. The second something upstream updates to patch the hole, boom, the program stops working.
If this were presented as a demonstration of an ACE exploit for the purpose of informing upstream of a security hole (in which case you would be listing the libraries and systems that it works on), then I would not be taking issue. But instead, you seem to be keen on slandering C itself for some internet clout, and making ridiculous claims like your claim that printf is TC, based on some implementations having a vulnerability. This is not okay. You are misrepresenting the language and its library. This issue should remain open until you adjust your priorities away from clout and towards helping major operating system vendors improve their security. Do you have any plans to contribute security code to the Linux kernel, or is this an ego thing?
The text was updated successfully, but these errors were encountered:
Issue #9 was closed, but the undefined behavior was not addressed. There is a clear lack of programmer discipline here. Your program only does what you think it does on a few specific hardware/OS/compiler/library combinations, and it does not prove that printf is Turing complete. To prove printf is TC, you would have to find a security hole within the standard itself that allows for an ACE exploit, not a bug in a specific implementation. The second something upstream updates to patch the hole, boom, the program stops working.
If this were presented as a demonstration of an ACE exploit for the purpose of informing upstream of a security hole (in which case you would be listing the libraries and systems that it works on), then I would not be taking issue. But instead, you seem to be keen on slandering C itself for some internet clout, and making ridiculous claims like your claim that printf is TC, based on some implementations having a vulnerability. This is not okay. You are misrepresenting the language and its library. This issue should remain open until you adjust your priorities away from clout and towards helping major operating system vendors improve their security. Do you have any plans to contribute security code to the Linux kernel, or is this an ego thing?
The text was updated successfully, but these errors were encountered: