
Curing the Vulnerable Parser [pdf] - mpweiher
https://www.usenix.org/system/files/login/articles/login_spring17_08_bratus.pdf
======
munin
It's worth noting that Cloudflare followed this advice (whether or not they
knew they were) and did not roll their own parser, and still, there was a bug.
I'm pretty sure that parser correctness and program security is mostly
unrelated, and you can show this both theoretically and empirically.

