src/syncterm/telnet_io.c - Historico da BBS TELESC.NET.BR

BBS:      TELESC.NET.BR
Assunto:  src/syncterm/telnet_io.c
De:       Deuc¨
Data:     Sun, 15 Mar 2026 01:06:05 -0700
-----------------------------------------------------------
https://gitlab.synchro.net/main/sbbs/-/commit/6986bd4168837eed5e5593a2
Modified Files:
	src/syncterm/telnet_io.c
Log Message:
Fix telnet parser getting stuck on long subnegotiations

telnet_interpret() stores incoming subnegotiation bytes in
telnet_cmd[64].  When the buffer fills, telnet_cmdlen stays at 64
and no further bytes are stored.  The IAC SE termination check at
telnet_cmd[telnet_cmdlen-2] then reads stale data and can never
match, so the parser permanently stays in SB mode and swallows all
subsequent terminal output.

Fix: when the buffer is full, slide the last two bytes forward so
that position [62] always holds the previous byte and [63] holds the
current byte.  The existing telnet_cmd[telnet_cmdlen-2] check then
sees a fresh IAC when it arrives, and correctly terminates the
subnegotiation.

A malicious (or just chatty) server sending e.g. a >64-byte
ENVIRON or NEW-ENVIRON SB would trigger this.

Co-Authored-By: Claude Opus 4.6 
n
---
  mSynchronetn  hgVertrauen n hHome of Synchronet n gh[vert/cvs/bbs].synchro.net

-----------------------------------------------------------
[Voltar]