|
 |
9142032 |
Index: telnet.c
|
|
|
9142032 |
===================================================================
|
|
|
9142032 |
RCS file: /cvs/krbdev/krb5/src/appl/telnet/telnet/telnet.c,v
|
|
|
9142032 |
retrieving revision 5.18
|
|
|
9142032 |
diff -c -r5.18 telnet.c
|
|
|
9142032 |
*** telnet.c 15 Nov 2002 20:21:35 -0000 5.18
|
|
|
9142032 |
- --- telnet.c 15 Mar 2005 18:59:32 -0000
|
|
|
9142032 |
***************
|
|
|
9142032 |
*** 1475,1480 ****
|
|
|
9142032 |
- --- 1475,1482 ----
|
|
|
9142032 |
unsigned char flags;
|
|
|
9142032 |
cc_t value;
|
|
|
9142032 |
{
|
|
|
9142032 |
+ if ((slc_replyp - slc_reply) + 6 > sizeof(slc_reply))
|
|
|
9142032 |
+ return;
|
|
|
9142032 |
if ((*slc_replyp++ = func) == IAC)
|
|
|
9142032 |
*slc_replyp++ = IAC;
|
|
|
9142032 |
if ((*slc_replyp++ = flags) == IAC)
|
|
|
9142032 |
***************
|
|
|
9142032 |
*** 1488,1498 ****
|
|
|
9142032 |
{
|
|
|
9142032 |
register int len;
|
|
|
9142032 |
|
|
|
9142032 |
- - *slc_replyp++ = IAC;
|
|
|
9142032 |
- - *slc_replyp++ = SE;
|
|
|
9142032 |
len = slc_replyp - slc_reply;
|
|
|
9142032 |
! if (len <= 6)
|
|
|
9142032 |
return;
|
|
|
9142032 |
if (NETROOM() > len) {
|
|
|
9142032 |
ring_supply_data(&netoring, slc_reply, slc_replyp - slc_reply);
|
|
|
9142032 |
printsub('>', &slc_reply[2], slc_replyp - slc_reply - 2);
|
|
|
9142032 |
- --- 1490,1501 ----
|
|
|
9142032 |
{
|
|
|
9142032 |
register int len;
|
|
|
9142032 |
|
|
|
9142032 |
len = slc_replyp - slc_reply;
|
|
|
9142032 |
! if (len <= 4 || (len + 2 > sizeof(slc_reply)))
|
|
|
9142032 |
return;
|
|
|
9142032 |
+ *slc_replyp++ = IAC;
|
|
|
9142032 |
+ *slc_replyp++ = SE;
|
|
|
9142032 |
+ len += 2;
|
|
|
9142032 |
if (NETROOM() > len) {
|
|
|
9142032 |
ring_supply_data(&netoring, slc_reply, slc_replyp - slc_reply);
|
|
|
9142032 |
printsub('>', &slc_reply[2], slc_replyp - slc_reply - 2);
|
|
|
9142032 |
***************
|
|
|
9142032 |
*** 1645,1650 ****
|
|
|
9142032 |
- --- 1648,1654 ----
|
|
|
9142032 |
register unsigned char *ep;
|
|
|
9142032 |
{
|
|
|
9142032 |
register unsigned char *vp, c;
|
|
|
9142032 |
+ unsigned int len, olen, elen;
|
|
|
9142032 |
|
|
|
9142032 |
if (opt_reply == NULL) /*XXX*/
|
|
|
9142032 |
return; /*XXX*/
|
|
|
9142032 |
***************
|
|
|
9142032 |
*** 1662,1680 ****
|
|
|
9142032 |
return;
|
|
|
9142032 |
}
|
|
|
9142032 |
vp = env_getvalue(ep);
|
|
|
9142032 |
! if (opt_replyp + (vp ? strlen((char *)vp) : 0) +
|
|
|
9142032 |
! strlen((char *)ep) + 6 > opt_replyend)
|
|
|
9142032 |
{
|
|
|
9142032 |
! register unsigned int len;
|
|
|
9142032 |
! opt_replyend += OPT_REPLY_SIZE;
|
|
|
9142032 |
! len = opt_replyend - opt_reply;
|
|
|
9142032 |
opt_reply = (unsigned char *)realloc(opt_reply, len);
|
|
|
9142032 |
if (opt_reply == NULL) {
|
|
|
9142032 |
/*@*/ printf("env_opt_add: realloc() failed!!!\n");
|
|
|
9142032 |
opt_reply = opt_replyp = opt_replyend = NULL;
|
|
|
9142032 |
return;
|
|
|
9142032 |
}
|
|
|
9142032 |
! opt_replyp = opt_reply + len - (opt_replyend - opt_replyp);
|
|
|
9142032 |
opt_replyend = opt_reply + len;
|
|
|
9142032 |
}
|
|
|
9142032 |
if (opt_welldefined((char *) ep))
|
|
|
9142032 |
- --- 1666,1684 ----
|
|
|
9142032 |
return;
|
|
|
9142032 |
}
|
|
|
9142032 |
vp = env_getvalue(ep);
|
|
|
9142032 |
! elen = 2 * (vp ? strlen((char *)vp) : 0) +
|
|
|
9142032 |
! 2 * strlen((char *)ep) + 6;
|
|
|
9142032 |
! if ((opt_replyend - opt_replyp) < elen)
|
|
|
9142032 |
{
|
|
|
9142032 |
! len = opt_replyend - opt_reply + elen;
|
|
|
9142032 |
! olen = opt_replyp - opt_reply;
|
|
|
9142032 |
opt_reply = (unsigned char *)realloc(opt_reply, len);
|
|
|
9142032 |
if (opt_reply == NULL) {
|
|
|
9142032 |
/*@*/ printf("env_opt_add: realloc() failed!!!\n");
|
|
|
9142032 |
opt_reply = opt_replyp = opt_replyend = NULL;
|
|
|
9142032 |
return;
|
|
|
9142032 |
}
|
|
|
9142032 |
! opt_replyp = opt_reply + olen;
|
|
|
9142032 |
opt_replyend = opt_reply + len;
|
|
|
9142032 |
}
|
|
|
9142032 |
if (opt_welldefined((char *) ep))
|