Date: Tue, 21 Jan 2003 10:15:02 +0100 From: Miguel Mendez <flynn@energyhq.homeip.net> To: Kris Kennaway <kris@obsecurity.org> Cc: hackers@freebsd.org Subject: Re: RFC: Adding a new (safer) data entry function to libdialog Message-ID: <20030121101502.049abd8e.flynn@energyhq.homeip.net> In-Reply-To: <20030121015947.GA7310@rot13.obsecurity.org> References: <20030120121851.30ff961f.flynn@energyhq.homeip.net> <20030121015947.GA7310@rot13.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--=.FFp0jP1l_YaCs(
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
On Mon, 20 Jan 2003 17:59:47 -0800
Kris Kennaway <kris@obsecurity.org> wrote:
>> [making libdialog safer }
> libdialog is rife with overflowable buffers..I'm not sure it would be
> safe even with this input method.
Okay, I have another idea that might be a bit more productive, since the
code in libdialog seems to be nothing but a huge hack. How about
adopting tvision to replace dialog(3)? Libh uses tvision, and I've
thought about writing a small API compat glue (libtdialog.{so,a}) that
would allow legacy libdialog code to be linked with tvision without
modification. The only (big) drawback I see in tvision is that it's in
C++, otherwise is lightyears ahead of what dialog(3) currently offers.
--
Cheers,
Miguel Mendez - flynn@energyhq.homeip.net
GPG Public Key :: http://energyhq.homeip.net/files/pubkey.txt
EnergyHQ :: http://www.energyhq.tk
Of course it runs NetBSD!
--=.FFp0jP1l_YaCs(
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (FreeBSD)
iD8DBQE+LQ+anLctrNyFFPERAoEyAJ4yRiRMFwxaoogx3ngpaQRrhF+POgCfRp2R
Zo2Mxh7wJv6fE4kuZKmuSnY=
=w+bY
-----END PGP SIGNATURE-----
--=.FFp0jP1l_YaCs(--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030121101502.049abd8e.flynn>