Tarsnap advisory provides a few lessons
Posted Jan 20, 2011 7:02 UTC (Thu) by ion
Parent article: Tarsnap advisory provides a few lessons
Id also point out that having subtle side-effects within function call parameters might be something to be avoided. Had
encr_aes->nonce++ been a separate expression it might have been less likely to be forgotten when refactoring.
to post comments)