Markus Kuhn writes:
> I just tried to install again xterm-136 with Robert's unicode patch 0.7
> and it crashes right after the start
On SuSE 6.4, I just installed xterm-139 with Robert's patch 0.7 (had a
small reject in screen.c), and it runs nicely. It linked against
libncurses, because I don't install libtermcap on my systems.
> $ rpm -q libtermcap libtermcap-devel glibc glibc-devel
> libtermcap-2.0.8-18
> ...
> My best hypothesis so far is that somehow a non-null value gets into the
> static variable is_malloced in termcap.c in the termcap library on
>
> ftp://sunsite.unc.edu/pub/Linux/GCC/termcap-2.0.8.tar.gz
Are you sure that this source represents the source of the
libtermcap-2.0.8-18 binary package? Linux distributors like to apply
patches to various unmaintained packages.
In fact, I even _hope_ that they have modified it, because tgetent()
by itself is an unsafe function. It is the ideal target for buffer
overflow attacks. It shouldn't be used in any setuid 'root' or (on
SuSE Linux) setgid 'tty' executable, except if the tgetent() function
always ignores its first argument and mallocs its own buffer. (Which
is what the ncurses implementation of tgetent() does, btw.)
> I don't remember whether the C standard requires static variables to
> be initialized to zero by the runtime environment.
Yes it does.
Bruno
-
Linux-UTF8: i18n of Linux on all levels
Archive: http://mail.nl.linux.org/lists/
