[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: telnet: Handle integer overflow gracefully.
|
From: |
Erik Auerswald |
|
Subject: |
Re: telnet: Handle integer overflow gracefully. |
|
Date: |
Sat, 31 Aug 2024 20:05:40 +0200 |
Hi all,
On Mon, Aug 26, 2024 at 08:14:17PM +0200, Erik Auerswald wrote:
> On Sun, Aug 25, 2024 at 04:37:26PM +0200, Simon Josefsson wrote:
> > Erik Auerswald <auerswal@unix-ag.uni-kl.de> writes:
> > > On Fri, Aug 23, 2024 at 10:56:30PM -0700, Collin Funk wrote:
> > >>
> > >> I've pushed the attached patch removing an integer overflow from telnet.
> > >
> > > Thanks! Should this be added to NEWS?
> >
> > Thanks Collin, and yes please :)
>
> How about the following?
>
> ------------8<------------
> diff --git a/NEWS b/NEWS
> index 6d7bfef9..6628917e 100644
> --- a/NEWS
> +++ b/NEWS
> @@ -25,6 +25,10 @@ when using the --format or --short option. More details in
> ** Inetutils can now be built with C23 compilers.
> Except for when configured to support Kerberos 4.
>
> +** telnet: Fix integer overflow handling when using any of the commands
> +'send do', 'send dont', 'send will', or 'send wont' with a numerical
> +argument.
> +
> * Noteworthy changes in release 2.5 (2023-12-29) [stable]
>
> ** ftpd, rcp, rlogin, rsh, rshd, uucpd
> ------------>8------------
I have just pushed the attached patch.
Br,
Erik
NEWS.patch
Description: Text Data
Re: telnet: Handle integer overflow gracefully., Erik Auerswald, 2024/08/26