Hi,
the function "genget()" in the file "libtelnet/genget.c" does not detect
duplicated table entries. Instead it returns the first entry as an "exact
match".
Checking for duplicated command names instead of exiting early on an exact
match would have masked the NULL pointer dereference bugs in setcmd() and
unsetcmd(). As such it could be interpreted as making the code more
robust.
The attached "inetutils-libtelnet-genget-reject_duplicate_commands.patch"
implements duplicate table entry name detection by removing the early exit
on exact match.
Thanks,
Erik
--
Premature optimization is the root of all evil.
-- Donald Knuth
diff --git a/libtelnet/genget.c b/libtelnet/genget.c
index 6051f7b4..ae62f331 100644
--- a/libtelnet/genget.c
+++ b/libtelnet/genget.c
@@ -95,8 +95,6 @@ genget (char *name, char **table, int stlen)
{
if ((n = isprefix (name, *c)) == 0)
continue;
- if (n < 0) /* exact match */
- return (c);
if (found)
return (&ambiguous);
found = c;
