Hi all,

On Mon, Aug 26, 2024 at 08:14:17PM +0200, Erik Auerswald wrote:
> On Sun, Aug 25, 2024 at 04:37:26PM +0200, Simon Josefsson wrote:
> > Erik Auerswald <auers...@unix-ag.uni-kl.de> writes:
> > > On Fri, Aug 23, 2024 at 10:56:30PM -0700, Collin Funk wrote:
> > >> 
> > >> I've pushed the attached patch removing an integer overflow from telnet.
> > >
> > > Thanks!  Should this be added to NEWS?
> > 
> > Thanks Collin, and yes please :)
> 
> How about the following?
> 
> ------------8<------------
> diff --git a/NEWS b/NEWS
> index 6d7bfef9..6628917e 100644
> --- a/NEWS
> +++ b/NEWS
> @@ -25,6 +25,10 @@ when using the --format or --short option. More details in
>  ** Inetutils can now be built with C23 compilers.
>  Except for when configured to support Kerberos 4.
>  
> +** telnet: Fix integer overflow handling when using any of the commands
> +'send do', 'send dont', 'send will', or 'send wont' with a numerical
> +argument.
> +
>  * Noteworthy changes in release 2.5 (2023-12-29) [stable]
>  
>  ** ftpd, rcp, rlogin, rsh, rshd, uucpd
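Review bot: the added entry ("telnet: Fix integer overflow handling when using any of the commands ...") names the affected commands but not what a user would have observed, so a reader of NEWS cannot judge how much the fix matters to them. Suggest stating whether the overflow is signed or unsigned and adding one sentence on the consequence of triggering it.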
> ------------>8------------

I have just pushed the attached patch.

Br,
Erik

commit f02fbfef207d42e86df9022560b799c9440aad81
Author: Erik Auerswald <auers...@unix-ag.uni-kl.de>
Date:   2024-08-31 20:01:23 +0200

    NEWS: mention telnet integer overflow handling fix
    
    * NEWS: Mention the recent fix for signed integer overflow
    handling.

diff --git a/NEWS b/NEWS
index 6d7bfef9..6aa1a7f5 100644
--- a/NEWS
+++ b/NEWS
@@ -25,6 +25,12 @@ when using the --format or --short option. More details in
 ** Inetutils can now be built with C23 compilers.
 Except for when configured to support Kerberos 4.
 
+** telnet: Fix signed integer overflow handling when using any of the
+commands 'send do', 'send dont', 'send will', or 'send wont' with a
+numerical argument.  On some systems a signed integer overflow using
+one of these commands could have lead to an out-of-bounds array access
+usually resulting in a crash.
+
 * Noteworthy changes in release 2.5 (2023-12-29) [stable]
 
 ** ftpd, rcp, rlogin, rsh, rshd, uucpd
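Review bot: in the added entry, "could have lead to" should read "could have led to", and a comma before "usually resulting in a crash" would make the sentence easier to parse. "On some systems" also leaves readers unable to tell whether theirs is affected; if the condition is known, naming it in this entry would help.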
