diff options
| author | Xe Iaso <me@xeiaso.net> | 2024-02-01 15:28:57 -0500 |
|---|---|---|
| committer | Xe Iaso <me@xeiaso.net> | 2024-02-01 15:28:57 -0500 |
| commit | ad884fafc419f5e36aca907fd8e88cb7458e4f58 (patch) | |
| tree | d0c9100347a8ce15cff77a35d716533fd3e2062a /cmd | |
| parent | ee0aa5a05515d16be51229dd42c8c0c4cec19819 (diff) | |
| download | xesite-ad884fafc419f5e36aca907fd8e88cb7458e4f58.tar.xz xesite-ad884fafc419f5e36aca907fd8e88cb7458e4f58.zip | |
'No way to prevent this' says users of the only programming language where this regularly happens
Signed-off-by: Xe Iaso <me@xeiaso.net>
Diffstat (limited to 'cmd')
| -rw-r--r-- | cmd/no-way-to-prevent-this/main.go | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/cmd/no-way-to-prevent-this/main.go b/cmd/no-way-to-prevent-this/main.go new file mode 100644 index 0000000..45803c5 --- /dev/null +++ b/cmd/no-way-to-prevent-this/main.go @@ -0,0 +1,64 @@ +package main + +import ( + "flag" + "os" + "text/template" + "time" +) + +var ( + date = flag.String("date", time.Now().Format(time.DateOnly), "Date of the CVE") + cve = flag.String("cve", "", "CVE number") + cveLink = flag.String("cve-link", "", "CVE link") + project = flag.String("project", "", "Project name") + projectLink = flag.String("project-link", "", "Project link") + summary = flag.String("summary", "a memory safety vulnerability resulting in arbitrary code execution", "Summary of the CVE") +) + +func main() { + flag.Parse() + + os.MkdirAll("./lume/src/shitposts/no-way-to-prevent-this", 0755) + fout, err := os.Create("./lume/src/shitposts/no-way-to-prevent-this/" + *cve + ".md") + if err != nil { + panic(err) + } + defer fout.Close() + + data := map[string]string{ + "Date": *date, + "CVE": *cve, + "CVELink": *cveLink, + "Project": *project, + "ProjectLink": *projectLink, + "Summary": *summary, + } + + tmpl := template.Must(template.New("article").Parse(articleTemplate)) + if err := tmpl.Execute(fout, data); err != nil { + panic(err) + } +} + +const articleTemplate = `--- +title: '"No way to prevent this" says users of the only programming language where this regularly happens' +date: {{.Date}} +series: "no-way-to-prevent-this" +type: blog +hero: + ai: "Photo by Andrea Piacquadio, source: Pexels" + file: sad-business-man + prompt: A forlorn business man resting his head on a brown wall next to a window. +--- + +In the hours following the release of [{{.CVE}}]({{.CVELink}}) for the project [{{.Project}}]({{.ProjectLink}}), site reliability workers +and systems administrators scrambled to desperately rebuild and patch all their systems to fix {{.Summary}}. This is due to the affected components being +written in C, the only programming language where these vulnerabilities regularly happen. "This was a terrible tragedy, but sometimes +these things just happen and there's nothing anyone can do to stop them," said programmer Willodean Santorella, echoing statements +expressed by hundreds of thousands of programmers who use the only language where 90% of the world's memory safety vulnerabilities have +occurred in the last 50 years, and whose projects are 20 times more likely to have security vulnerabilities. "It's a shame, but what can +we do? There really isn't anything we can do to prevent memory safety vulnerabilities from happening if the programmer doesn't want to +write their code in a robust manner." At press time, users of the only programming language in the world where these vulnerabilities +regularly happen once or twice per quarter for the last eight years were referring to themselves and their situation as "helpless." +` |