Hi, Earlier this week I committed this change in GNU Inetutils [1]. When sending the 'send dont <value>' telnet command, the value is not checked for overflow. Likewise for 'do', 'will', 'wont'.
Another GNU Inetutils developer segfaults doing 'send dont 2147483648' and 'send dont 9223372034707292160' but I cannot reproduce it. Here is a rough patch I wrote to usr.bin/telnet/commands.c that should fix it. I don't have an OpenBSD machine at the moment so I can't compile and test it. Sorry about that. --- commands.c 2024-08-25 19:21:24.316731997 -0700 +++ commands-fixed.c 2024-08-25 19:27:17.500422616 -0700 @@ -358,7 +358,7 @@ { char **cpp; extern char *telopts[]; - int val = 0; + long int val = 0; if (isprefix(name, "help") || isprefix(name, "?")) { int col, len; @@ -389,14 +389,12 @@ if (cpp) { val = cpp - telopts; } else { - char *cp = name; + char *cp = NULL; - while (*cp >= '0' && *cp <= '9') { - val *= 10; - val += *cp - '0'; - cp++; - } - if (*cp != 0) { + errno = 0; + val = strtol(name, &cp, 10); + + if (*cp != 0 || errno != 0) { fprintf(stderr, "'%s': unknown argument ('send %s ?' for help).\r\n", name, cmd); return 0; Collin [1] https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=a6d9848a32fafa763548e54b44cb094abdac915d