Subject: Re: buffer overflows in libsa
To: Roland Illig <rillig@NetBSD.org>
From: Bill Studenmund <wrstuden@netbsd.org>
List: tech-kern
Date: 08/22/2005 15:10:44

On Mon, Aug 22, 2005 at 07:44:45PM +0200, Roland Illig wrote:
> Hi all,
>
> the stand-alone library still contains two functions with buffer
> overflows, namely gets() and getpass(). To fix that, I have written the
> appended patch. The new feature it requests is that the
> (architecture-dependent) putchar() function can handle '\a' and either
> beeps or ignores it completely.

I don't think that changing gets() is the right thing to do. gets() is
documented to be a dangerous call, so "fixing" it to not be dangerous
seems backwards. Also, while libsa is a different environment from
userland's libc, I think we should try to keep calls with the same name in
sync.

I think a much cleaner approach is to get rid of gets() and change ALL
callers (note, that means checking the boot loaders for all of our
platforms!) to use fgets().

I wouldn't object to you coming up with a getsn() or some such that took a
buffer length and assumed standard in. Or getsl().

getpass() should already be ok. It specifically only accepts _PASSWORD_LEN
characters (which is 128 in libc/userland).

Take care,

Bill
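
As an added example (not part of this message, of Roland's patch, or of libsa itself), here is a bounded line reader of the getsn(buf, len) shape suggested above. The sa_getchar()/set_input() source and the "boot hd0a:netbsd ..." sample line are constructed stand-ins for the stand-alone environment's console input.

```c
#include <stddef.h>
#include <string.h>

/* Constructed input source standing in for the stand-alone console's
 * getchar(): feeds bytes from a fixed string and returns -1 at end. */
static const char *in_p = "";
static void set_input(const char *s) { in_p = s; }
static int sa_getchar(void) { return *in_p ? (unsigned char)*in_p++ : -1; }

/* getsn(): reads one line into buf, storing at most len-1 characters and
 * always NUL-terminating. Unlike gets(), it knows the buffer size, so an
 * over-long line is truncated rather than written past the end of buf.
 * The surplus is consumed up to the newline so the next call starts on a
 * fresh line instead of on leftover bytes.
 * Returns the number of characters stored, or -1 on EOF with nothing read. */
int getsn(char *buf, size_t len)
{
	size_t n = 0;
	int c;

	if (len == 0)
		return -1;
	while ((c = sa_getchar()) != -1 && c != '\n') {
		if (n + 1 < len)
			buf[n++] = (char)c;
		/* else: excess input is dropped, never stored */
	}
	buf[n] = '\0';
	if (c == -1 && n == 0)
		return -1;
	return (int)n;
}

/* A 16-byte prompt buffer fed a 40-byte line: gets() would overrun it;
 * getsn() keeps the first 15 characters and then reads the next line
 * cleanly. Returns 1 when both reads behave as described. */
int demo_truncates(void)
{
	char line[16];
	int n;

	set_input("boot hd0a:netbsd -s -v -x -d extra-args\nnext\n");
	n = getsn(line, sizeof line);
	if (n != 15 || strcmp(line, "boot hd0a:netbs") != 0)
		return 0;
	n = getsn(line, sizeof line);
	return n == 4 && strcmp(line, "next") == 0;
}
```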
