“without checking size”
I stopped reading at that point. History endlessly repeats on this one. Argument checks on length were in Burroughs B5000 in 1961 enforced at CPU level since it was known to be so common & bad. Endless buffer, etc overflows. You’d think people would learn by now. Fortunately, the QA processes of major software used in mission-critical systems and clouds are good enough to prevent such mistakes. Now, what software did this problem occur in? (pause) Oh my…
EDIT to add the usual examples on making hypervisors secure. Check “Layered Design” and “Assurance” sections of first. The second is summary. Project is FOSS component already integrated into Genode Framework. Needs code review, though, by breakers since it was a CompSci work.