2 releases
0.1.1 | Jul 24, 2022 |
---|---|
0.1.0 | Jul 23, 2022 |
#6 in #trying
Used in rust-warrior
6KB
52 lines
ncurses-lite
This is a light (microscopic) reimagining of ncurses-rs
.
After trying to use ncurses-rs
in rust-warrior
, and
getting alerted by the Github dependabot, the idea for this
new library was born.
Security Issues
Mishandling of format strings
An issue was discovered in the ncurses crate for Rust. There are format string issues in
printw
functions because C format arguments are mishandled.
Buffer overflow and format vulnerabilities
An issue was discovered in the ncurses crate for Rust. There are
instr
andmvwinstr
buffer overflows because interaction with C functions is mishandled.
The instr
function has this comment:
pub fn instr(s: &mut String) -> i32
{
/* XXX: This is probably broken. */
unsafe
{
Reassuring, right?
The mvwinstr
function has the same comment:
pub fn mvwinstr(w: WINDOW, y: i32, x: i32, s: &mut String) -> i32
{
/* XXX: This is probably broken. */
unsafe
{
These vulnerabilities have been reported in this issue, which links to:
- CVE-2019-15548 (elaborated in CWE-119)
- CVE-2019-15547 (elaborated in CWE-134)
There are some curses docs online, such as this page that documents the
innstr
family of functions.
What if
Given the complex nature of the vulnerable functions, and the difficulty in verifying whether they are currently "broken" or whether a change would be "broken" as well...
AND given that none of these functions are used in rust-warrior
...
Another option is to create a library that exposes the necessary parts of ncurses to Rust without including these vulnerabilities -- by simply leaving those functions out.
API
The following functions are implemented:
initscr
endwin
curs_set
newwin
waddch
waddstr
wclear
wrefresh
Dependencies
~43KB