disabling FORTIFY_SOURCE

wcrtomb wcscat wcscpy wcsncat wcsncpy wcsnrtombs wcsrtombs wcstombs wctomb wmemcpy wmemmove wmempcpy wmemset wprintf -- Kees Cook Ubuntu Security Team

Re: question about standalone tests

for > that. Okay, cool. That should probably be noted somewhere in the FAQ. Also, perhaps the lz tests should be updated as well, since they are regularly mentioned as the basic example developers should work from. -- Kees Cook@outflux.net

question about standalone tests

d for doing the build with the free-of-charge windows CLI compiler (which the "STANDALONE" stuff works fine with). Is there some new way to build standalone tests, or should I send a patch for re-including the #ifndef STANDALONE stuff for the tests?

Re: crypt32 [4/4]: (un)protectdata test suite

ect something is in the registry. I will investigate. -- Kees Cook@outflux.net

Re: [crypt32] CryptProtectData/CryptUnprotectData helper functions

On Wed, May 18, 2005 at 12:29:58PM -0700, Kees Cook wrote: > Take two. Ignore... this patch is broken, and I need to do an update of wine_dbg_printf() -> MESSAGE() -- Kees Cook@outflux.net

Re: [crypt32] CryptProtectData/CryptUnprotectData helper functions

peopl have already turned on trace/warn, or immediately following a FIXME that includes a path. I just want to use it for the readability of the structure. -- Kees Cook@outflux.net

Re: [crypt32] CryptProtectData/CryptUnprotectData helper functions

+} > > You should use the TRACE/FIXME macros here, not raw wine_dbg_printf. FIXME is sane for the "announce_bad_opaque_data", but I'd still like to use something that doesn't prefix the hexdumps with the function name for easier readability in the crypt_report_func_input, since there is already a TRACE/FIXME call being made prior to it's call. Is this okay? -- Kees Cook@outflux.net

Re: [crypt32] implementation of CryptProtectData/CryptUnprotectData

f arranged in some other way. I'm all ears for suggestions. :) -- Kees Cook@outflux.net

Re: crypt32: CryptProtectData/CryptUnprotectData

y the Crypt* family of API's in advapi32.dll. All that is > necessary for this to implement should be available in wine already. Cool, that's good news. I haven't had the chance to review that stuff yet. -- Kees Cook@outflux.net

Re: crypt32: CryptProtectData/CryptUnprotectData

winapi_stats page say it's at "21%". Thanks for all the clarification. I appreciate it! -- Kees Cook@outflux.net

Re: short-circuting a dialog box?

ossible, hence my desire to make the dialogs never display, not require X11, etc. I need the dialog to think it's running, though. -- Kees Cook@outflux.net

Re: short-circuting a dialog box?

On Tue, May 03, 2005 at 07:38:26PM +0200, [EMAIL PROTECTED] wrote: > YOu could trap it#s onshow event but be careful since most dlgs are > created as modal , you could end up hanging your process. How would I go about capturing that? (Or, how would I hook the event handler?) -- Kee

Re: short-circuting a dialog box?

drv:TTYDRV_GetBitmapBits (0x7d, 0x76d3501c, 128): stub -- Kees Cook@outflux.net

short-circuting a dialog box?

ally click "Ok" on a dialog box? (The dialog box coming from code that I don't have source for...) -- Kees Cook@outflux.net

Re: crypt32: CryptProtectData/CryptUnprotectData

and CryptUnprotectData. (The existing patches intentionally avoid any encryption.) >From looking at Wine's configure.ac, it seems safe to depend on openssl being available. Is that correct? -- Kees Cook@outflux.net

Re: crypt32: CryptProtectData/CryptUnprotectData

I don't like the ssh-agent idea because not everyone uses ssh-agent. If inventing a data format and XORing stuff is prefered, I can write it that way. What direction should I take this? -- Kees Cook@outflux.net

Re: crypt32: CryptProtectData/CryptUnprotectData take 3

API call it's a usual > practice > to set the error first to some invalid value, 0xdeadbeef works fine. Added. Thanks for all the suggestions from everyone! I'm glad you're willing to put up with me. :) Take 4 on it's way. -- Kees Cook@outflux.net

Re: crypt32: CryptProtectData/CryptUnprotectData take 2

) == ERROR_INVALID_PARAMETER, "error returned > incorrect\n"); Ah-ha, I need to make calls to SetLastError then. I wasn't doing that either. Okay, 3rd time's the charm. This patch includes full documentation, as well as the test s

Re: crypt32: CryptProtectData/CryptUnprotectData take 2

What's the convention for the number after the API name? I've seen some with numbers, and some with just an "@" sign? -- Kees Cook@outflux.net

Re: Remove reference to nonexistant strmif.h

On Mon, Apr 04, 2005 at 10:24:53PM -0400, Dimitrie O. Paun wrote: > ChangeLog > Remove reference to nonexistant strmif.h > +++ include/Makefile.in 5 Apr 2005 02:23:26 - > - strmif.h \ /src/wine-cvs/include$ ls strmif.h strmif.h ? it's there for me.

Re: black-box implementation of CryptProtectData/CryptUnprotectData

e sending "version 2" of my patch in a little while. It's got your suggestions incorporated, and a small bug fix. -- Kees Cook@outflux.net

Re: black-box implementation of CryptProtectData/CryptUnprotectData

n't use C99 style variable > declarations. Ah, dang. I tried to clean those up too when I was reading the Patch how-to. I'll clean all this up, thanks very much! BTW: what is your opinion on where to store the triplets in the Registry? -- Kees Cook@outflux.net

Re: black-box implementation of CryptProtectData/CryptUnprotectData

in is the big > first step. I just think we should get a community opinion on this > matter (ya never know, everyone may disagree with me!). Keep up the > good coding. Thanks! -- Kees Cook@outflux.net

Re: black-box implementation of CryptProtectData/CryptUnprotectData

On Sun, Apr 03, 2005 at 11:04:53PM -0500, James Hawkins wrote: > On Apr 3, 2005 10:12 PM, Kees Cook <[EMAIL PROTECTED]> wrote: > > To store the triplets, these functions use the registry: > > > > Registry Layout: > > HKEY_CURRENT_USER\Software\