Buffer overruns, license violations, and bad code: FreeBSD 13’s close call (Ars Technica)

For those wanting more details on the saga of the WireGuard implementationthat was almost released in FreeBSD 13 (a story that LWN covered recently), thisArs Technica story digs in deep. "Despite not having any kerneldevelopers on-staff, Ars was able to verify at least some of Donenfeld'sclaims directly, quickly, and without external assistance. For instance,finding a validation function which simply returned true-and printfstatements buried deep in cryptographic loops-required nothing morecomplicated than grep."