1 Description: Fix buffer overflow when $HOME is large.
2 Very long values of $HOME will extend beyond fixed rcbuf[128].
3 In its stead, use dynamic allocation.
6 Bug-Debian: http://bugs.debian.org/264846
7 Comment: Introduced in netkit-telnet_0.17-25.
9 Last-Update: 2004-08-13
11 --- netkit-telnet-0.17.orig/telnet/commands.cc
12 +++ netkit-telnet-0.17/telnet/commands.cc
13 @@ -2139,22 +2139,18 @@
16 void cmdrc(const char *m1, const char *m2, const char *port) {
17 - static char *rcname = 0;
18 - static char rcbuf[128];
19 + char *rcname = NULL;
23 readrc(m1, m2, port, "/etc/telnetrc");
25 - rcname = getenv("HOME");
27 - strcpy(rcbuf, rcname);
30 - strcat(rcbuf, "/.telnetrc");
33 + if (asprintf (&rcname, "%s/.telnetrc", getenv ("HOME")) == -1)
35 + perror ("asprintf");
38 readrc(m1, m2, port, rcname);
42 #if defined(IP_OPTIONS) && defined(HAS_IPPROTO_IP)