Joshua J. Drake

Interesting! Was this reported back then?

I found this ticket because I'm trying to access some specific members of instruction details. For example, I want to know if a "call" has an immediate operand and if...

I figured it out: ```rust fn get_call_target(&self, _my_insn: &MyInsn, cs_det: &InsnDetail) -> Result { let ops = cs_det.arch_detail().operands(); let op0 = &ops[0]; let op0 = match op0 { X86Operand(op) =>...

This seems to be the biggest source of instability in your exploit. I highly recommend dialing back the aggressive nature of your exploit. Further, here's more evidence to support reducing...

From Twitter: KEEN TEAM ‏@K33nTeam Sep 15 @jduck @fi01_IS01 and yes, the probe may cause some issue if other obj comes in, but anyway better chance than random pick :-P...

Okay but now you are never closing the icmp sockets of the child (since wait_to_close never returns). Is that intended??

OH I see. The sockets get closed anyway when you kill the child process from the parent. In that case, all of the code after wait_for_close() is dead code and...

> Can't SAST tools detect many common memory safety issues? Not all of them, of course (i.e. global variables used everywhere, concurrency, etc), but a fair share of common "classes"...

If I can add a point on legacy languages... We likely all agree that it's possible to write safe and secure code in languages like C and C++. The major...

> I'm sorry but it seems to me the power of scorecard is kind of getting overestimated here. It can't even detect that Coverity Scan is used by projects even...