]>
Commit | Line | Data |
---|---|---|
b52f6eb2 DW |
1 | --- netkit-telnet-0.17/telnet/telnet.c.CAN-2005-468_469 2005-03-17 13:48:58.000000000 +0100 |
2 | +++ netkit-telnet-0.17/telnet/telnet.c 2005-03-17 14:02:27.000000000 +0100 | |
3 | @@ -1310,22 +1310,66 @@ | |
4 | } | |
5 | ||
6 | ||
7 | -unsigned char slc_reply[128]; | |
8 | +#define SLC_REPLY_SIZE 128 | |
9 | +unsigned char *slc_reply; | |
10 | unsigned char *slc_replyp; | |
11 | +unsigned char *slc_replyend; | |
12 | ||
13 | void | |
14 | slc_start_reply(void) | |
15 | { | |
16 | + slc_reply = (unsigned char *)malloc(SLC_REPLY_SIZE); | |
17 | + if (slc_reply == NULL) { | |
18 | +/*@*/ printf("slc_start_reply: malloc()/realloc() failed!!!\n"); | |
19 | + slc_reply = slc_replyp = slc_replyend = NULL; | |
20 | + return; | |
21 | + } | |
22 | + | |
23 | slc_replyp = slc_reply; | |
24 | + slc_replyend = slc_reply + SLC_REPLY_SIZE; | |
25 | *slc_replyp++ = IAC; | |
26 | *slc_replyp++ = SB; | |
27 | *slc_replyp++ = TELOPT_LINEMODE; | |
28 | *slc_replyp++ = LM_SLC; | |
29 | } | |
30 | ||
31 | +static int | |
32 | +slc_assure_buffer(int want_len); | |
33 | + | |
34 | + static int | |
35 | +slc_assure_buffer(int want_len) | |
36 | +{ | |
37 | + if ((slc_replyp + want_len) >= slc_replyend) { | |
38 | + int len; | |
39 | + int old_len = slc_replyp - slc_reply; | |
40 | + unsigned char *p; | |
41 | + | |
42 | + len = old_len | |
43 | + + (want_len / SLC_REPLY_SIZE + 1) * SLC_REPLY_SIZE; | |
44 | + p = (unsigned char *)realloc(slc_reply, len); | |
45 | + if (p == NULL) | |
46 | + free(slc_reply); | |
47 | + slc_reply = p; | |
48 | + if (slc_reply == NULL) { | |
49 | +/*@*/ printf("slc_add_reply: realloc() failed!!!\n"); | |
50 | + slc_reply = slc_replyp = slc_replyend = NULL; | |
51 | + return 1; | |
52 | + } | |
53 | + slc_replyp = slc_reply + old_len; | |
54 | + slc_replyend = slc_reply + len; | |
55 | + } | |
56 | + return 0; | |
57 | +} | |
58 | + | |
59 | void | |
60 | slc_add_reply(unsigned char func, unsigned char flags, cc_t value) | |
61 | { | |
62 | + if (slc_assure_buffer(6)) | |
63 | + return; | |
64 | + | |
65 | + if (slc_replyp == NULL) | |
66 | + return; | |
67 | + | |
68 | if ((*slc_replyp++ = func) == IAC) | |
69 | *slc_replyp++ = IAC; | |
70 | if ((*slc_replyp++ = flags) == IAC) | |
71 | @@ -1339,6 +1383,12 @@ | |
72 | { | |
73 | int len; | |
74 | ||
75 | + if (slc_assure_buffer(2)) | |
76 | + return; | |
77 | + | |
78 | + if (slc_replyp == NULL) | |
79 | + return; | |
80 | + | |
81 | *slc_replyp++ = IAC; | |
82 | *slc_replyp++ = SE; | |
83 | len = slc_replyp - slc_reply; | |
84 | @@ -1456,7 +1506,7 @@ | |
85 | } | |
86 | } | |
87 | ||
88 | -#define OPT_REPLY_SIZE 256 | |
89 | +#define OPT_REPLY_SIZE 1024 | |
90 | unsigned char *opt_reply; | |
91 | unsigned char *opt_replyp; | |
92 | unsigned char *opt_replyend; | |
93 | @@ -1490,10 +1540,38 @@ | |
94 | env_opt_start_info(void) | |
95 | { | |
96 | env_opt_start(); | |
97 | - if (opt_replyp) | |
98 | + if (opt_replyp && (opt_replyp > opt_reply)) | |
99 | opt_replyp[-1] = TELQUAL_INFO; | |
100 | } | |
101 | ||
102 | +static int | |
103 | +env_opt_assure_buffer(int want_len); | |
104 | + | |
105 | + static int | |
106 | +env_opt_assure_buffer(int want_len) | |
107 | +{ | |
108 | + if ((opt_replyp + want_len) >= opt_replyend) { | |
109 | + int len; | |
110 | + unsigned char *p; | |
111 | + int old_len = opt_replyp - opt_reply; | |
112 | + | |
113 | + len = old_len | |
114 | + + (want_len / OPT_REPLY_SIZE + 1) * OPT_REPLY_SIZE; | |
115 | + p = (unsigned char *)realloc(opt_reply, len); | |
116 | + if (p == NULL) | |
117 | + free(opt_reply); | |
118 | + opt_reply = p; | |
119 | + if (opt_reply == NULL) { | |
120 | +/*@*/ printf("env_opt_add: realloc() failed!!!\n"); | |
121 | + opt_reply = opt_replyp = opt_replyend = NULL; | |
122 | + return 1; | |
123 | + } | |
124 | + opt_replyp = opt_reply + old_len; | |
125 | + opt_replyend = opt_reply + len; | |
126 | + } | |
127 | + return 0; | |
128 | +} | |
129 | + | |
130 | void | |
131 | env_opt_add(unsigned char *ep) | |
132 | { | |
133 | @@ -1515,25 +1593,12 @@ | |
134 | return; | |
135 | } | |
136 | vp = env_getvalue(ep, 1); | |
137 | - if (opt_replyp + (vp ? strlen((char *)vp) : 0) + | |
138 | - strlen((char *)ep) + 6 > opt_replyend) | |
139 | - { | |
140 | - int len; | |
141 | - unsigned char *p; | |
142 | - opt_replyend += OPT_REPLY_SIZE; | |
143 | - len = opt_replyend - opt_reply; | |
144 | - p = (unsigned char *)realloc(opt_reply, len); | |
145 | - if (p == NULL) | |
146 | - free(opt_reply); | |
147 | - opt_reply = p; | |
148 | - if (opt_reply == NULL) { | |
149 | -/*@*/ printf("env_opt_add: realloc() failed!!!\n"); | |
150 | - opt_reply = opt_replyp = opt_replyend = NULL; | |
151 | - return; | |
152 | - } | |
153 | - opt_replyp = opt_reply + len - (opt_replyend - opt_replyp); | |
154 | - opt_replyend = opt_reply + len; | |
155 | - } | |
156 | + | |
157 | + /* use the double length in case it gots escaped */ | |
158 | + if (env_opt_assure_buffer((vp ? strlen((char *)vp)*2 : 0) + | |
159 | + strlen((char *)ep)*2 + 6)) | |
160 | + return; | |
161 | + | |
162 | if (opt_welldefined((char *)ep)) | |
163 | #ifdef OLD_ENVIRON | |
164 | if (telopt_environ == TELOPT_OLD_ENVIRON) | |
165 | @@ -1588,8 +1653,14 @@ | |
166 | { | |
167 | int len; | |
168 | ||
169 | + if (opt_reply == NULL) /*XXX*/ | |
170 | + return; /*XXX*/ | |
171 | + | |
172 | + | |
173 | len = opt_replyp - opt_reply + 2; | |
174 | if (emptyok || len > 6) { | |
175 | + if (env_opt_assure_buffer(2)) | |
176 | + return; | |
177 | *opt_replyp++ = IAC; | |
178 | *opt_replyp++ = SE; | |
179 | if (NETROOM() > len) { |