Commit 631b84e

Reduce size of embedded image
Signed-off-by: David A. Wheeler <[email protected]>
1 parent c7ecc4e commit 631b84e

1 file changed

+3
-1
lines changed

secure_software_development_fundamentals.md

Lines changed: 3 additions & 1 deletion
@@ -1032,8 +1032,10 @@ Many other design principles have been proposed, based on problems that have hap
10321032

10331033
A *race condition* happens when a system’s correct behavior depends on the sequence of events, but there is no control over that sequence. Race conditions generally involve one or more processes or threads accessing a shared resource, but this multiple access has not been properly controlled.
10341034

1035-
![A blue racecar and a red racecar racing to the finish line in front of a futuristic city](openai/racecars.png)<br>
1035+
<p align="center">
1036+
<img src="openai/racecars.png" width="512" height="512" alt="A blue racecar and a red racecar racing to the finish line in front of a futuristic city"><br>
10361037
*Racecars* generated by [OpenAI's Dall-E-2](https://openai.com/dall-e-2/)
1038+
</span>
10371039

10381040
If there is no control at all, that is a defect, and it might even be a vulnerability. Many programs, to be secure, have to do two things: (1) determine if a request is authorized, and (2) if it is, act on that request. If it is possible for an attacker to change the situation between steps 1 and 2, then the program could correctly determine that it is authorized, but then allow a different action that was *not* authorized. This kind of security mistake is so common that it has a name, a *time of check - time of use* (TOCTOU) race condition.
10391041
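Review bot: the `<p align="center">` opened at new line 1035 is closed with `</span>` at new line 1038, so the paragraph is never closed and the closing span has no matching open tag; the closing tag should be `</p>`. Separately, the caption line `*Racecars* generated by [OpenAI's Dall-E-2](...)` now sits between the HTML lines with no blank line separating it, and under CommonMark an HTML block started by `<p` runs until the next blank line, so the emphasis and link would be passed through as literal text rather than rendered. Either add a blank line before the caption or write the caption in HTML (`<em>` and `<a href>`), and check the rendered output before merging.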
