-
In this case it wasn't even ASN.1 at fault (once only in the area of TLS signature verification buds, it seems...). The real takeaway is: don't implement (new) parsers and/or cryptography in C/C++. Use memory safe languages with strong(er) type systems, like Rust. @ProjectZeroBugs/1466115866471256067On twitter.com
♻️ 1 Retweets ❤️ 9 Favorites Mood +5 🙂