strcpy can cause a buffer overflow
user finds strcpy in #curl code
user files a CRITICAL security report against #curl for using strcpy in source code. Proof? Well he did grep the code and it shows that it does indeed use strcpy...
Never a dull moment.
https://mastodon.social/@bagder/113435116175262274
for educational purposes: hackerone.com/reports/2823554
────