Ros-dev January 2006

ros-dev@reactos.org

69 participants
136 discussions

by Murphy, Ged (Bolton)

D. Hazelton wrote: > Someone mentioned that regedit might be a piece of code which > is the only one > to use a function call... All modern windows releases ship > with two versions > of regedit, regedit.exe and regedt32.exe - and there have > been several > third-party replacements for regedit released. Win XP and above ship with a new regedit. Regedit.exe(win98 derivative) and regedt32.exe(crippled version for 2K) have both been dropped. Ged ************************************************************************ The information contained in this message or any of its attachments is confidential and is intended for the exclusive use of the addressee. The information may also be legally privileged. The views expressed may not be company policy, but the personal views of the originator. If you are not the addressee, any disclosure, reproduction, distribution or other dissemination or use of this communication is strictly prohibited. If you have received this message in error, please contact postmaster(a)exideuk.co.uk <mailto:postmaster@exideuk.co.uk> and then delete this message. Exide Technologies is an industrial and transportation battery producer and recycler with operations in 89 countries. Further information can be found at www.exide.com

18 years, 7 months

GetGlyphOutline

by James Tabor

Hi, I finished a fast port of GetGlyphOutline from Wine. Not too bad, no crashes. Thanks, James

18 years, 7 months

RE: Ros-dev Digest, Vol 17, Issue 64

by Lucio Diaz

Dont be silly, all of you, such audit will take at least half a year and reimplementing everything will just destroy the proyect. Use your heads, you are programmers, and you fear there is leaked code, if there is any their assembly it should be similar to the windows one, so be easy: compile reactos, dissasemble it. Then dissasemble windows. Write a tool that compares dissassembled code. And you have ONLY (and is still lots of work) to compare where there are enough coincidences betwen reactos assembly and windows assembly. Once you get to those spots you only have to check if there is a logical conclusion of a sole way of doing something (like clearing a stack) or a copied code. Why hope for reactos, Lucio Diaz. --------------------------------- LLama Gratis a cualquier PC del Mundo. Llamadas a fijos y móviles desde 1 céntimo por minuto. http://es.voice.yahoo.com

18 years, 7 months

RE: [ros-dev] Bugzilla and Security Audit Documentation

by Murphy, Ged (Bolton)

M Bealby wrote: > Hey all, Hi Martin > I have finished my security audit of one of the pieces of code in the > new svn repository! (/base/services/tcpsvcs/) > > In my audit notes I have listed the problems by simple filename:line, > flaw, description. They are also dated. Is this the same sort of > documentation you would like in svn and bugzilla too? I think the best place for this would be bugzilla. You can group the full audit in one bug. > On that note, what is happening with bugzilla? I seem to remember > someone mentioning that someone was going to go through all the bug > reports and close any that affected non-audited code. Is this > correct? I don't know what is happening with bugzilla at the moment. We've lost WaxDragon now :( He used to take care of bugzilla, and all other things related to testing. You don't want the job, do you ?? ;) > Should I submit my bug report anyway? I'll write something > noticeable in the summary field so it is obvious it is to do with the > security audit. When you submit it, I'll try to get it fixed straight away. I expect there to be quite a few fixes as I just threw this code together quickly to give us something to test with. ;) > Are we going to implement something like Peters /documentation/ patch? > If so I will put my security auditing notes in there too. I don't see any reason to store information which is going to be fixed. Bugzilla and SVN will take care of the history for us. However if there is general audit information in there, then I think is should be treated in the same manner as the rest and stored in the respective directory accordingly. Regards, Ged. ************************************************************************ The information contained in this message or any of its attachments is confidential and is intended for the exclusive use of the addressee. The information may also be legally privileged. The views expressed may not be company policy, but the personal views of the originator. If you are not the addressee, any disclosure, reproduction, distribution or other dissemination or use of this communication is strictly prohibited. If you have received this message in error, please contact postmaster(a)exideuk.co.uk <mailto:postmaster@exideuk.co.uk> and then delete this message. Exide Technologies is an industrial and transportation battery producer and recycler with operations in 89 countries. Further information can be found at www.exide.com

18 years, 7 months

New Setup system

by David Hinz

Hey guys, at first I was shocked, when I read that you want to audit all code and will have to rewrite a lot of the old code, but then I realised, that this is a great chance for making improvements. Here's one of my ideas: We could create a completely new setup, that will have a gui (not really a new idea...). But the second thing would be to create something similar to debians apt and debconf. My idea was to create a new setup, that installs ReactOS in packets, that would look a bit like this: A compressed archive (maybe bzip) that contains a folder with all the files, that need to be installed, one file that contains informations like e.g. where to put the files (%SYSTEMROOT% or %WINDIR%...) and one script file that looks a bit like a batch file. Maybe we could add a file, that contains some questions and hints, that can be interpreted by different configuration utilities. That is, what is IN these archives, in addition to this the header of the file would contain uncompressed information about the dependencies, so that they are easier to read. All this would give us some big advantages. For example we would be able to create different distributions and repositories. Companies would be able to have a mirror of our repository and could additionally have their own repositories, whose files depend on ours. This would ease deployment in big companies and would be a big advantage compared to Microsoft, as everything happens completely unattended, even if you upgrade from ReactOS 1.0 to 3.0. I'm looking forward to read what you think about my idea. Greets, David Hinz

18 years, 7 months

RE: [ros-diffs] [martinf] 33: import the lean explorer branch into thenew repository

by Casper Hornstrup

If you want to use Subversion's merging abilities then you need to copy this from trunk. Casper

18 years, 7 months

NTOSKRNL Audit

by Ge van Geldorp

I've made a start with the audit of NTOSKRNL. The page http://www.reactos.org/wiki/index.php/Ntoskrnl_audit contains a list of all the public (either exported or syscall) routines of our ntoskrnl.exe, with a template to fill in the audit metrics which were proposed. I already checked the documentation status of all routines. GvG

18 years, 7 months

Bugzilla and Security Audit Documentation

by M Bealby

Hey all, I have finished my security audit of one of the pieces of code in the new svn repository! (/base/services/tcpsvcs/) In my audit notes I have listed the problems by simple filename:line, flaw, description. They are also dated. Is this the same sort of documentation you would like in svn and bugzilla too? On that note, what is happening with bugzilla? I seem to remember someone mentioning that someone was going to go through all the bug reports and close any that affected non-audited code. Is this correct? Should I submit my bug report anyway? I'll write something noticeable in the summary field so it is obvious it is to do with the security audit. Are we going to implement something like Peters /documentation/ patch? If so I will put my security auditing notes in there too. Cheers, Martin

18 years, 7 months

Pathcomments corrected

by Jack Bane

Corrected some "old-style" file path-comments JB

18 years, 7 months

TLD documentation diff

by Peter Ward

Index: documentation/README =================================================================== --- documentation/README (revision 0) +++ documentation/README (revision 0) @@ -0,0 +1,11 @@ +This is the documentation directory for the ReactOS project. + + +Directory Layout: + +api\ : Documentation for various APIs. +articles\ : Howto's, Articles and related documentation. +audit\ : Documentation about and gathered by the audit. +reverse.engineering\ : Clean-Room effort documentation. + : _Only_ human language and pseudo-code documentation is allowed here. +

18 years, 7 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Ros-dev January 2006