Hi, On Sun, Aug 25, 2024 at 04:37:26PM +0200, Simon Josefsson wrote: > Erik Auerswald <auers...@unix-ag.uni-kl.de> writes: > > On Fri, Aug 23, 2024 at 10:56:30PM -0700, Collin Funk wrote: > >> [...] > >> The overflow occurs went sending 'send dont <value>' but the value > >> exceeds INT_MAX. > > > > 'send dont <value>' is a "hidden" command, i.e., it is not shown in the > > output of 'send ?', because the 'help' string is NULL (see the definition > > of Sendlist[] in telnet/commands.c). Does someone know the reason to > > hide this command (and similar ones) from the online help? > > I don't know the history -- but (sounding like a broken record by now) > did anyone check *BSD telnet behaviour? I'm not a fan of intentionally > not documentating supported commands, so +1 on any patch to document > this from me, regardless of what *BSD telnet does.
I do not have any *BSD to check on available, and I always forget how to find their source code. But I have found something that might be relevant Telnet client code for OpenBSD: https://github.com/openbsd/src/blob/master/usr.bin/telnet/commands.c The 'Sendlist[]' there also has no 'help' string for 'dont' and similar commands. The 'send_help()" function also omits commands without a 'help' string. This code also seems to have the same integer overflow as fixed by Collin's patch, it at least looks similar to our previous version. Br, Erik
