pull down to refresh

a heap-based buffer overflow
Every time. When you write a security-critical program in a language which does not do bounds-checking at runtime by default (e.g. C), these sorts of problems are essentially unavoidable.
reply