[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: NULL Pointer Dereference in unsetcmd() at inetutils/telnet/commands.
From: |
Erik Auerswald |
Subject: |
Re: NULL Pointer Dereference in unsetcmd() at inetutils/telnet/commands.c:1227 |
Date: |
Fri, 8 Jul 2022 19:13:25 +0200 |
Hi Simon,
On Thu, Jul 07, 2022 at 11:32:50PM +0200, Simon Josefsson wrote:
> Erik Auerswald <auerswal@unix-ag.uni-kl.de> writes:
>
> >> This happens when the "unset" command is used with a single space as
> >> argument, [...]
>
> I do wonder if this (and other) bugs are present in other modern
> implementations though? Or if they discovered this problem and patched
> it in some different way... if anyone has time to look into it, that
> would be nice.
At least Netkit telnet has the same set/unset crash:
$ telnet.netkit
telnet.netkit> set ' ' crash
Segmentation fault (core dumped)
$ telnet.netkit
telnet.netkit> unset ' '
Segmentation fault (core dumped)
Also the makeargv() crash:
$ telnet.netkit
telnet.netkit> help z ! ? z ! ? z ! ? z ! ? z ! ? z ! ? z !
suspend telnet
?Invalid help command !
Print help information
suspend telnet
?Invalid help command !
Print help information
suspend telnet
?Invalid help command !
Print help information
suspend telnet
?Invalid help command !
Print help information
suspend telnet
?Invalid help command !
Print help information
suspend telnet
?Invalid help command !
Print help information
suspend telnet
Segmentation fault (core dumped)
It does not have the "help help" crash:
$ telnet.netkit
telnet.netkit> help help
Print help information
telnet.netkit> q
This is Netkit telnet from Ubuntu 20.04:
$ dpkg -S `which telnet.netkit`
telnet: /usr/bin/telnet.netkit
$ apt-cache policy telnet | grep '\*\*\*'
*** 0.17-41.2build1 500
It seems to me as if this Netkit project no longer exists. Since I do
not know the upstream project, I have not report any bugs, and have not
send any patches.
I do not have a BSD system to test, but anyone who does can easily try
out the above.
Thanks,
Erik
--
Thinking doesn't guarantee that we won't make mistakes. But not thinking
guarantees that we will.
-- Leslie Lamport