top | item 40985647

(no title)

joh6nn | 1 year ago

The malicious commit was designed to be confusing, as noted in the first comment of the investigation:

> but calls to safe_fprintf were replaced with calls to the unsafe fprintf. The diff doesn't make this obvious due to the removal of a newline in a parameter list.

It wasn't noticed because it was specifically designed not to be obvious.

discuss

No comments yet.