alpine 3.9
obsolete weakness #551

1

Weakness Breakdown


Definition:

An obsolete weakness occurs when someone uses deprecated or obsolete functions when building a system. As a programming language evolves, some functions occasionally become obsolete.

Warning code(s):

This C routine is considered obsolete.

File Name:

alpine-ipxe/src/ipxe-133f4c47baef6002b2ccb4904a035cda2303c6e5/src/util/mucurses_test.c

Context:

The highlighted line of code below is the trigger point of this particular Alpine 3.9 obsolete weakness.

 	mvwhline( secret, 2, 1, '-' | secret->attrs, secret->width - 2 );
	mvwprintw( secret, 4, 2, "%s", msg );
	mvwprintw( secret, 6, 3, "secret" );
	mvwprintw( secret, 8, 3, "confirm" );
 start:
	mvwhline( secret, 6, 12, '_' | secret->attrs, 16 );
	mvwhline( secret, 8, 12, '_' | secret->attrs, 16 );

	wmove( secret, 6, 12 );
	wgetnstr( secret, pw1, 16 );
	wmove( secret, 8, 12 );
	wgetnstr( secret, pw2, 16 );

	if ( strcmp( pw1, pw2 ) == 0 ) {
		strcpy( sec, pw1 );
		werase( secret );
	}
	else {
		mvwprintw( secret, 10, 3, "Passwords do not match" );
		goto start;
	}
}

void mdelay ( int msecs ) {
	usleep( msecs * 1000 );
} 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.