On Thu, May 03, 2007 at 04:58:58PM -0500, Tom Spear wrote:
> On 5/3/07, Marcus Meissner <[EMAIL PROTECTED]> wrote:
> >wine is not using gets() at all, insofar there is no risk from it.
>
> That much I knew, however we do use strcpy (especially in msi), and
> that is another one that has been depre
Am Donnerstag 03 Mai 2007 23:58 schrieb Tom Spear:
> On 5/3/07, Marcus Meissner <[EMAIL PROTECTED]> wrote:
> > wine is not using gets() at all, insofar there is no risk from it.
>
> That much I knew, however we do use strcpy (especially in msi), and
> that is another one that has been deprecated ("
On 03.05.2007 22:00, Tom Spear wrote:
> Do we implement secured versions of other functions, and if
> not, how come?
The *_s functions are provided by the C runtime library (ie
msvcr80.dll). So Wine probably doesn't need to implement them (at least
not until they pop up in, say, msvcrt.dll).
-f.r
On 5/3/07, Kai Blin <[EMAIL PROTECTED]> wrote:
On Thursday 03 May 2007 23:16, Tom Spear wrote:
Noone should use gets(). There are lots of better alternatives. For the other
deprecated functions, there are ways to check that the input is valid before
calling it, iirc.
I agree that nobody uses i
On Thursday 03 May 2007 23:16, Tom Spear wrote:
> Otherwise I assume there would be thousands of buffer overflows that
> (malicious) people would exploit.
Noone should use gets(). There are lots of better alternatives. For the other
deprecated functions, there are ways to check that the input is
On 5/3/07, Marcus Meissner <[EMAIL PROTECTED]> wrote:
wine is not using gets() at all, insofar there is no risk from it.
That much I knew, however we do use strcpy (especially in msi), and
that is another one that has been deprecated ("banned")..
See http://msdn2.microsoft.com/en-us/library/bb
On Thu, May 03, 2007 at 04:16:31PM -0500, Tom Spear wrote:
> On 5/3/07, Robert Shearman <[EMAIL PROTECTED]> wrote:
> >Tom Spear wrote:
> >> I was writing up a Hello World with input program for a demonstration
> >> for a non-developer coworker last week, and used the unsecured getch()
> >> and got
On 5/3/07, Robert Shearman <[EMAIL PROTECTED]> wrote:
Tom Spear wrote:
> I was writing up a Hello World with input program for a demonstration
> for a non-developer coworker last week, and used the unsecured getch()
> and got the standard warning about how it was unsecured and dangerous
> to use
Tom Spear wrote:
I was writing up a Hello World with input program for a demonstration
for a non-developer coworker last week, and used the unsecured getch()
and got the standard warning about how it was unsecured and dangerous
to use that. That prompted me to look up the basic secured functions
I was writing up a Hello World with input program for a demonstration
for a non-developer coworker last week, and used the unsecured getch()
and got the standard warning about how it was unsecured and dangerous
to use that. That prompted me to look up the basic secured functions
on the MS website
10 matches
Mail list logo
