Another #curl security report that took some serious mind wrestling and debugging to get to the bottom of.
In the end I deem it not a security vulnerability but you can see how this is not an easy call.
curl disclosed on HackerOne: Use After Free (that leads to...
## Summary: - Use-After-Free vulnerability that leads to arbitrary write/READ YES, I used IA along with mermaind editor (online one) to generate this graph that show these paths for...HackerOne
daniel:// stenberg://
in reply to daniel:// stenberg:// • • •Josh Bressers
in reply to daniel:// stenberg:// • • •That entire conversation was quite civilized, which is nice
These sort of bugs are always brutal to figure out