[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] Fix off-by-one error in telnet/telnet.c (version 2)

From: Erik Auerswald
Subject: Re: [PATCH] Fix off-by-one error in telnet/telnet.c (version 2)
Date: Wed, 9 Feb 2022 08:58:59 +0100
User-agent: Mutt/1.5.21 (2010-09-15)


On Tue, Feb 08, 2022 at 10:04:28PM +0100, Erik Auerswald wrote:
> when sending the Terminal-Type during "subnegotiation", the terminating
> TELNET command "SE" (end of subnegotiation parameters) is omitted when an
> overlong terminal name is returned by gettermname(), because the length
> calculation to check if the name fits into the buffer does not account
> for the terminating NUL byte written by snprintf().
> The attached patch fixes this.  Please let me know if you need copyright
> assignment in order to use this trivial patch.  I'll do the paperwork if
> necessary, but only if necessary.

The first patch has the side-effect of sending the NUL byte that was
omitted before.  Thus I have written a second version of the patch that
adjusts the size comparison instead of the size calculation.

Best regards,
Thinking doesn't guarantee that we won't make mistakes. But not thinking
guarantees that we will.
                        -- Leslie Lamport

Attachment: inetutils-telnet-fix_ttype_off_by_one-v2.patch
Description: Text Data

reply via email to

[Prev in Thread] Current Thread [Next in Thread]