Comment Re:Subtle attack against C/C++ (Score 1) 189
std::containers don't need to store their size as a separate variable
C strings don't either. It's the protocol that said "hey, rather than null terminating strings, let's put a length byte like Turbo Pascal never went out of style!"
The fun thing is that that design decision has lead to an entire CLASS of SSL bugs (in all stacks, not just openSSL) eg invalid certs validating because of a null byte in the Common Name. And heartbleed was just one more in that heap.