
Flash is decades old, not that big, and still has use-after-free vulnerabilities? Tools for catching those have been widely available for years. That makes one suspect those vulnerabilities aren't there by accident.

We need public disclosure of the code check-in that created the bug, with names. People need to be fired for this.



Work on a massive decades-old software project and get ready to have your eyes opened. All the automated static and dynamic software analyzers catch only the easiest flaws, but can catch the more serious ones only if you're skilled and lucky.

Firing people for software bugs is the stupidest thing I've heard in a while. Everyone writes horrific software flaws. Everyone. The best of the best programmers just write fewer of them. Firing people for bugs is a job perk that will only motivate any good developers to find a less stupid employer as soon as possible.


All the automated static and dynamic software analyzers catch only the easiest flaws

In a 64-bit environment, at least for development purposes, why can't every single malloc() cause an allocation from new memory page(s)? Then free() removes the page(s) from accessible virtual memory.

Too much overhead for production, but it would sure catch a lot of use-after-free bugs during development. Is nobody doing something like that, or is that part of what you consider "the easiest flaws"?
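
The page-per-allocation scheme asked about in the comment above, as an added example that is not part of the thread or of any project mentioned in it. It assumes POSIX `mmap`/`mprotect`; the names `dbg_malloc`, `dbg_free` and `dbg_read_faults` are hypothetical, and freed ranges are kept reserved with `PROT_NONE` rather than unmapped so the address cannot be handed out again.

```c
/* Added example: page-per-allocation debug allocator; all names are hypothetical. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE
#endif
#include <setjmp.h>
#include <signal.h>
#include <sys/mman.h>
#include <unistd.h>

/* Each allocation gets its own mapping: one header page, then the data pages. */
void *dbg_malloc(size_t n) {
    size_t ps = (size_t)sysconf(_SC_PAGESIZE);
    if (n > (size_t)-1 - 2 * ps) return NULL;          /* length would overflow */
    size_t len = ps + (n ? (n + ps - 1) / ps * ps : ps);
    void *m = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (m == MAP_FAILED) return NULL;
    *(size_t *)m = len;                                /* remember mapping length */
    return (char *)m + ps;
}

/* Revoke access but keep the range reserved, so the address is never reused. */
void dbg_free(void *p) {
    if (!p) return;
    char *m = (char *)p - (size_t)sysconf(_SC_PAGESIZE);
    mprotect(m, *(size_t *)m, PROT_NONE);              /* header and data both fault now */
}

static sigjmp_buf probe_env;
static void on_fault(int sig) { (void)sig; siglongjmp(probe_env, 1); }
/* Test helper: returns 1 if reading *p faults, 0 if the read succeeds. */
int dbg_read_faults(const volatile unsigned char *p) {
    struct sigaction sa = {0}, old_segv, old_bus;
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);                /* Linux reports SIGSEGV */
    sigaction(SIGBUS, &sa, &old_bus);                  /* some systems report SIGBUS */
    volatile int faulted = 0;
    if (sigsetjmp(probe_env, 1) == 0) (void)*p; else faulted = 1;
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return faulted;
}

int main(void) {                       /* exits 0 when the stale read is caught */
    unsigned char *p = dbg_malloc(100);
    if (!p || dbg_read_faults(p)) return 1;
    dbg_free(p);
    return dbg_read_faults(p) ? 0 : 2;
}
```

Because the data starts at a page boundary, this catches stale accesses anywhere in a freed block but not small overruns past the end of a live one.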


Wait, you mean like _CRTDBG_DELAY_FREE_MEM_DF which will just mark freed blocks as freed and inaccessible? https://msdn.microsoft.com/en-us/library/5at7yxcs.aspx


It's been a while but I'm pretty sure the issues here only happen in extremely contrived edge cases. Not to say they aren't big deals or to downplay them, but I don't think even that would catch them reliably. Not without extremely heavy fuzzing or something.


Flash is big - video, audio, animation, browser hooks, filesystem access, etc. - and while Flash has been around for decades the code in the current iteration mostly hasn't been.


Being big is not an excuse for being terrible at security. If they can't secure a big thing, then maybe they should stop building them so big?


They have stopped building Flash.


People need to be fired for this

This comment was heavily voted down a day or so ago (not by me, I voted it up). But just now I'm reading about yet another zero-day, this time against Java.

So the question is, when are we going to get disgusted, sick and tired of all this sloppy code? When will "heads will roll for this" revert to being a meaningful punishment instead of just a historic cliche?

Enough is enough! If there are no consequences there will be no improvement.



