
(-)telnet-bsd-1.0/telnet/telnet.c (-3 / +17 lines)
Lines 653-659 Link Here
653
      return;
653
      return;
654
    } else {
654
    } else {
655
      char *name;
655
      char *name;
656
      unsigned char temp[50];
656
      unsigned char temp[300];
657
      int len;
657
      int len;
658
658
659
#if	defined(TN3270)
659
#if	defined(TN3270)
Lines 682-688 Link Here
682
      return;
682
      return;
683
    if (SB_GET() == TELQUAL_SEND) {
683
    if (SB_GET() == TELQUAL_SEND) {
684
      long ospeed, ispeed;
684
      long ospeed, ispeed;
685
      unsigned char temp[50];
685
      unsigned char temp[300];
686
      int len;
686
      int len;
687
687
688
      TerminalSpeeds(&ispeed, &ospeed);
688
      TerminalSpeeds(&ispeed, &ospeed);
Lines 779-785 Link Here
779
    if (SB_EOF())
779
    if (SB_EOF())
780
      return;
780
      return;
781
    if (SB_GET() == TELQUAL_SEND) {
781
    if (SB_GET() == TELQUAL_SEND) {
782
      unsigned char temp[50], *dp;
782
      unsigned char temp[300], *dp;
783
      int len;
783
      int len;
784
784
785
      if ((dp = env_getvalue((unsigned char *)"DISPLAY")) == NULL) {
785
      if ((dp = env_getvalue((unsigned char *)"DISPLAY")) == NULL) {
Lines 1146-1151 Link Here
1146
	void
1146
	void
1147
slc_add_reply(unsigned char func, unsigned char flags, cc_t value)
1147
slc_add_reply(unsigned char func, unsigned char flags, cc_t value)
1148
{
1148
{
1149
	if (slc_replyp + 3 >= slc_reply + sizeof(slc_reply)) {
1150
		printf("slc_add_reply: not enough room\n");
1151
		return;
1152
	}
1153
 
1149
	if ((*slc_replyp++ = func) == IAC)
1154
	if ((*slc_replyp++ = func) == IAC)
1150
		*slc_replyp++ = IAC;
1155
		*slc_replyp++ = IAC;
1151
	if ((*slc_replyp++ = flags) == IAC)
1156
	if ((*slc_replyp++ = flags) == IAC)
Lines 1159-1164 Link Here
1159
{
1164
{
1160
    int len;
1165
    int len;
1161
1166
1167
    if (slc_replyp + 2 >= slc_reply + sizeof(slc_reply)) {
1168
        printf("slc_end_reply: not enough room\n");
1169
        return;
1170
    }
1171
 
1162
    *slc_replyp++ = IAC;
1172
    *slc_replyp++ = IAC;
1163
    *slc_replyp++ = SE;
1173
    *slc_replyp++ = SE;
1164
    len = slc_replyp - slc_reply;
1174
    len = slc_replyp - slc_reply;
Lines 1303-1309 Link Here
1303
	{
1313
	{
1304
		int len;
1314
		int len;
1305
		unsigned char *p;
1315
		unsigned char *p;
1316
		/* Pointer wrap should be no issue here */
1306
		opt_replyend += OPT_REPLY_SIZE;
1317
		opt_replyend += OPT_REPLY_SIZE;
1318
		opt_replyend += strlen(ep);
1319
		if (vp)
1320
			opt_replyend += strlen(vp);
1307
		len = opt_replyend - opt_reply;
1321
		len = opt_replyend - opt_reply;
1308
		p = (unsigned char *)realloc(opt_reply, len);
1322
		p = (unsigned char *)realloc(opt_reply, len);
1309
		if (p == NULL)
1323
		if (p == NULL)
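Review bot: The guard added to slc_add_reply (new lines 1149-1152) reserves 3 bytes, but the writes directly below it store `func` and `flags` and then a second IAC whenever either equals IAC, so a single call can write more than the 3 bytes that were checked. If `value` is escaped the same way below the shown lines, the worst case is 6 bytes and the test should be `if (slc_replyp + 6 > slc_reply + sizeof(slc_reply)) {`. The function body continues outside the shown lines, so the handling of `value` should be confirmed there before settling on the constant.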
