Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 21 Jan 2003 01:44:05 -0800
From:      Kris Kennaway <kris@obsecurity.org>
To:        Miguel Mendez <flynn@energyhq.homeip.net>
Cc:        Kris Kennaway <kris@obsecurity.org>, hackers@freebsd.org
Subject:   Re: RFC: Adding a new (safer) data entry function to libdialog
Message-ID:  <20030121094405.GA21197@rot13.obsecurity.org>
In-Reply-To: <20030121101502.049abd8e.flynn@energyhq.homeip.net>
References:  <20030120121851.30ff961f.flynn@energyhq.homeip.net> <20030121015947.GA7310@rot13.obsecurity.org> <20030121101502.049abd8e.flynn@energyhq.homeip.net>
next in thread | previous in thread | raw e-mail | index | archive | help 

--IS0zKkzwUGydFO0o
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Jan 21, 2003 at 10:15:02AM +0100, Miguel Mendez wrote:
> On Mon, 20 Jan 2003 17:59:47 -0800
> Kris Kennaway <kris@obsecurity.org> wrote:
>=20
> >> [making libdialog safer }
> > libdialog is rife with overflowable buffers..I'm not sure it would be
> > safe even with this input method.
>=20
> Okay, I have another idea that might be a bit more productive, since the
> code in libdialog seems to be nothing but a huge hack. How about
> adopting tvision to replace dialog(3)? Libh uses tvision, and I've
> thought about writing a small API compat glue (libtdialog.{so,a}) that
> would allow legacy libdialog code to be linked with tvision without
> modification. The only (big) drawback I see in tvision is that it's in
> C++, otherwise is lightyears ahead of what dialog(3) currently offers.

That could be quite a worthwhile project.

Kris

--IS0zKkzwUGydFO0o
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (FreeBSD)

iD8DBQE+LRZlWry0BWjoQKURAhlwAKDVgi0ev3/dVK7kAXM5tOT3aJMJWACeMbxp
cFfV7NogSJMDGkd/Fyxu4mg=
=96wu
-----END PGP SIGNATURE-----

--IS0zKkzwUGydFO0o--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030121094405.GA21197>