On Thu, Jun 29, 2000 at 07:05:38PM +0200, Bruno Haible wrote:
> In fact, I even _hope_ that they have modified it, because tgetent()
> by itself is an unsafe function. It is the ideal target for buffer
> overflow attacks. It shouldn't be used in any setuid 'root' or (on
> SuSE Linux) setgid 'tty' executable, except if the tgetent() function
> always ignores its first argument and mallocs its own buffer. (Which
> is what the ncurses implementation of tgetent() does, btw.)
actually it doesn't malloc a buffer. from the manpage:
int tgetent(const char *bp, char *name);
...
The tgetent routine loads the entry for name. It returns
1 on success, 0 if there is no such entry, and -1 if the
terminfo database could not be found. The emulation
ignores the buffer pointer bp.
--
Thomas E. Dickey <[EMAIL PROTECTED]>
http://dickey.his.com
ftp://dickey.his.com
-
Linux-UTF8: i18n of Linux on all levels
Archive: http://mail.nl.linux.org/lists/
- Crash in xterm-136 with unicode patch 0.7 (termcap) Markus Kuhn
- Re: Crash in xterm-136 with unicode patch 0.7 (t... Jean-Marc Desperrier
- Re: Crash in xterm-136 with unicode patch 0.7 (t... Henry Spencer
- Re: Crash in xterm-136 with unicode patch 0.7 (t... Bruno Haible
- Re: Crash in xterm-136 with unicode patch 0.... Thomas Dickey
- Re: Crash in xterm-136 with unicode patch 0.7 (t... Ulrich Drepper
- Re: Crash in xterm-136 with unicode patch 0.7 (t... Henry Spencer
- Re: Crash in xterm-136 with unicode patch 0.7 (t... Bruno Haible
- Re: Crash in xterm-136 with unicode patch 0.... Ulrich Drepper
- Re: Crash in xterm-136 with unicode patch 0.7 (t... Ulrich Drepper
- Re: Crash in xterm-136 with unicode patch 0.... Henry Spencer
- Re: Crash in xterm-136 with unicode patch 0.7 (t... Thomas Dickey
- Re: Crash in xterm-136 with unicode patch 0.7 (t... Ulrich Drepper
- Re: Crash in xterm-136 with unicode patch 0.... Jean-Marc Desperrier
- Re: Crash in xterm-136 with unicode patch 0.7 (t... Henry Spencer
