Erik Auerswald <auers...@unix-ag.uni-kl.de> writes: > Hi, > > On Fri, Aug 23, 2024 at 10:56:30PM -0700, Collin Funk wrote: >> >> I've pushed the attached patch removing an integer overflow from telnet. > > Thanks! Should this be added to NEWS?
Thanks Collin, and yes please :) >> The overflow occurs went sending 'send dont <value>' but the value >> exceeds INT_MAX. > > 'send dont <value>' is a "hidden" command, i.e., it is not shown in the > output of 'send ?', because the 'help' string is NULL (see the definition > of Sendlist[] in telnet/commands.c). Does someone know the reason to > hide this command (and similar ones) from the online help? I don't know the history -- but (sounding like a broken record by now) did anyone check *BSD telnet behaviour? I'm not a fan of intentionally not documentating supported commands, so +1 on any patch to document this from me, regardless of what *BSD telnet does. /Simon
signature.asc
Description: PGP signature
