[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: telnet: Handle integer overflow gracefully.
|
From: |
Erik Auerswald |
|
Subject: |
Re: telnet: Handle integer overflow gracefully. |
|
Date: |
Mon, 26 Aug 2024 20:14:17 +0200 |
Hi,
On Sun, Aug 25, 2024 at 04:37:26PM +0200, Simon Josefsson wrote:
> Erik Auerswald <auerswal@unix-ag.uni-kl.de> writes:
> > On Fri, Aug 23, 2024 at 10:56:30PM -0700, Collin Funk wrote:
> >>
> >> I've pushed the attached patch removing an integer overflow from telnet.
> >
> > Thanks! Should this be added to NEWS?
>
> Thanks Collin, and yes please :)
How about the following?
------------8<------------
diff --git a/NEWS b/NEWS
index 6d7bfef9..6628917e 100644
--- a/NEWS
+++ b/NEWS
@@ -25,6 +25,10 @@ when using the --format or --short option. More details in
** Inetutils can now be built with C23 compilers.
Except for when configured to support Kerberos 4.
+** telnet: Fix integer overflow handling when using any of the commands
+'send do', 'send dont', 'send will', or 'send wont' with a numerical
+argument.
+
* Noteworthy changes in release 2.5 (2023-12-29) [stable]
** ftpd, rcp, rlogin, rsh, rshd, uucpd
------------>8------------
Br,
Erik
Re: telnet: Handle integer overflow gracefully., Erik Auerswald, 2024/08/26