[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] Fix off-by-one error in telnet/telnet.c (version 2)
From: |
Erik Auerswald |
Subject: |
Re: [PATCH] Fix off-by-one error in telnet/telnet.c (version 2) |
Date: |
Wed, 9 Feb 2022 08:58:59 +0100 |
User-agent: |
Mutt/1.5.21 (2010-09-15) |
Hi,
On Tue, Feb 08, 2022 at 10:04:28PM +0100, Erik Auerswald wrote:
> when sending the Terminal-Type during "subnegotiation", the terminating
> TELNET command "SE" (end of subnegotiation parameters) is omitted when an
> overlong terminal name is returned by gettermname(), because the length
> calculation to check if the name fits into the buffer does not account
> for the terminating NUL byte written by snprintf().
>
> The attached patch fixes this. Please let me know if you need copyright
> assignment in order to use this trivial patch. I'll do the paperwork if
> necessary, but only if necessary.
The first patch has the side-effect of sending the NUL byte that was
omitted before. Thus I have written a second version of the patch that
adjusts the size comparison instead of the size calculation.
Best regards,
Erik
--
Thinking doesn't guarantee that we won't make mistakes. But not thinking
guarantees that we will.
-- Leslie Lamport
inetutils-telnet-fix_ttype_off_by_one-v2.patch
Description: Text Data