For educational purposes we disclose this recent HackerOne report on #curl claiming its sprintf() implementation is bad because it can be made to deref a bad pointer when you use it incorrectly. You know, exactly how all sprintf() implementations work - by design.
This is not the first time we had this "flaw" reported. (I did not check the "AI slop" checkbox on this one)
curl disclosed on HackerOne: Format string vulnerability,...
## Summary: A vulnerability has been identified in the curl library’s formatted output functions (specifically in curl_msnprintf and its related functions). When a malicious (attacker-controlled)...
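The "use it incorrectly" case the post refers to, as an added example that is not part of the original post or of curl's code: it uses the standard C `snprintf` as a stand-in for any printf-family function, and the helper names `count_directives` and `format_untrusted` are hypothetical. It contrasts passing untrusted text as the format with passing it as data for a constant `"%s"` format.

```c
#include <stdio.h>
#include <string.h>

/* Count printf-style conversion directives in s ("%%" is a literal percent,
 * not a directive). Each one makes a printf-family formatter fetch at least
 * one argument from its variadic list, whether or not the caller passed it. */
static int count_directives(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {      /* escaped percent sign */
            s++;
            continue;
        }
        if (s[1] != '\0')       /* a lone trailing '%' is not a directive */
            n++;
    }
    return n;
}

/* Correct use: the format is a constant and the untrusted text is only
 * data for %s, so directives inside it are copied, never interpreted. */
static int format_untrusted(char *out, size_t outlen, const char *untrusted)
{
    return snprintf(out, outlen, "%s", untrusted);
}

int main(void)
{
    const char *input = "%s%s%n 100%%";   /* constructed sample input */
    char buf[64];

    /* Incorrect use (deliberately not executed):
     *     snprintf(buf, sizeof buf, input);
     * Three directives and zero arguments is undefined behaviour in any
     * printf-family function; that is a caller bug, not a formatter bug. */
    printf("directives the formatter would act on: %d\n",
           count_directives(input));

    format_untrusted(buf, sizeof buf, input);
    printf("as data: %s\n", buf);
    return 0;
}
```

Compiling callers with `-Wformat -Wformat-security` (GCC and Clang) flags the non-literal format call at build time.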