
Fix `ncurses` crate

Open Lokathor opened this issue 6 years ago • 6 comments

It's a very low-download crate, but people still use it.

I've filed an issue just now asking them to remove all invalid unsafe{} blocks, and this issue here is just a bit of a tracker/reminder that the process has been poked in the right direction.

Lokathor, Sep 03 '19 05:09

That crate currently has exploitable security vulnerabilities in safe functions. There is even a security advisory about it: https://rustsec.org/advisories/RUSTSEC-2019-0006.html

pancurses crate has the same issues, also unaddressed: https://rustsec.org/advisories/RUSTSEC-2019-0005.html

Shnatsel, Sep 03 '19 18:09

:ferrisSweat:

Lokathor, Sep 03 '19 18:09

That crate's stated goal is to provide a thin Rust wrapper, so it should just be called ncurses-sys and expose all functions as unsafe fn. Which it currently doesn't, and that's a problem.

Shnatsel, Sep 03 '19 19:09
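The distinction Shnatsel is drawing (a `-sys` crate exposes the raw C contract as `unsafe fn`, and any safe API on top must uphold that contract itself) is easier to see in code. The following is an added example, not code from the `ncurses` crate or from the people in this thread. It uses a pure-Rust mock (`sys::mock_winnstr`, a constructed stand-in for a C function that writes up to `n` bytes into a caller-supplied buffer) so it runs without linking against ncurses; the name, the `src` argument and the `read_line` wrapper are all assumptions made for the illustration.

```rust
use std::ffi::CStr;
use std::os::raw::{c_char, c_int};

/// What a `-sys` style crate would expose: the raw contract, marked `unsafe`.
/// In a real binding this would be `extern "C" { fn winnstr(...); }`; here it
/// is a constructed mock that behaves like the C side: it writes up to `n`
/// bytes plus a terminating NUL into `buf` and has no idea how big `buf` is.
pub mod sys {
    use std::os::raw::{c_char, c_int};

    pub const ERR: c_int = -1;

    /// SAFETY CONTRACT (the caller's responsibility, hence `unsafe fn`):
    /// `buf` must be non-null and point to at least `n + 1` writable bytes.
    pub unsafe fn mock_winnstr(src: &str, buf: *mut c_char, n: c_int) -> c_int {
        if buf.is_null() || n < 0 {
            return ERR;
        }
        let bytes = src.as_bytes();
        let count = bytes.len().min(n as usize);
        unsafe {
            for (i, b) in bytes.iter().take(count).enumerate() {
                *buf.add(i) = *b as c_char;
            }
            *buf.add(count) = 0; // NUL terminator, the "+ 1" in the contract
        }
        count as c_int
    }
}

/// A *sound* safe wrapper: it owns the buffer, so the `n` it hands to the raw
/// call is always exactly the capacity it allocated. A caller of `read_line`
/// cannot cause an out-of-bounds write no matter what arguments it passes,
/// which is what makes it legitimate to omit the `unsafe` keyword here.
pub fn read_line(src: &str, max_len: usize) -> Option<String> {
    if max_len > c_int::MAX as usize {
        return None; // cannot be expressed to the C API without truncation
    }
    let n = max_len as c_int;
    let mut buf: Vec<c_char> = vec![0; max_len + 1]; // + 1 for the NUL
    // SAFETY: buf has max_len + 1 elements and outlives the call.
    let rc = unsafe { sys::mock_winnstr(src, buf.as_mut_ptr(), n) };
    if rc == sys::ERR {
        return None;
    }
    // SAFETY: the mock always NUL-terminates within the buffer on success.
    let s = unsafe { CStr::from_ptr(buf.as_ptr()) };
    Some(s.to_string_lossy().into_owned())
}

fn main() {
    println!("{:?}", read_line("hello world", 5)); // Some("hello")
}
```

The contrast that makes a wrapper unsound is letting the caller supply the buffer and the length as two independent values (for example a `&mut Vec<c_char>` plus an `n: c_int`) and passing both through unchecked: Rust's type system then no longer ties `n` to the allocation, and a safe function has silently inherited the C function's bounds-checking obligation without enforcing it.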

One issue is that in ncurses there's a huge pile of CPP macros defined, so if you only expose the real functions you end up with a lib that is harder to use than "actual" ncurses.

So some amount of something needs to happen.

Lokathor, Sep 03 '19 19:09

There is one other crate wrapping ncurses: https://crates.io/crates/ncursesw. It has its own bindings and seems to be in better shape, plus has safe wrappers on top. There's probably opportunity for collaboration there. Or we could just convert all users of the ncurses crate to it.

Alternatively we can mark all ncurses crate functions unsafe and call it a day, but then all the users like pancurses (of which there are many) are going to be dealing with that unsafety, which is not ideal.

Shnatsel, Nov 02 '19 00:11

It's maybe worth noting that, outside of very special circumstances, ncurses doesn't exist on modern systems. It's just a facade lib that actually wraps ncursesw anyway.

Lokathor, Nov 02 '19 01:11