Subject: bin/12004: telnet and tn3270 have buffer overflow
To: None <>
From: Jeremy C. Reed <>
List: netbsd-bugs
Date: 01/19/2001 17:39:20
>Number:         12004
>Category:       bin
>Synopsis:       tn3270 and telnet get Seg Fault when argument is long
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Jan 19 17:42:01 PST 2001
>Originator:     Jeremy C. Reed
>Release:        1.5.1_ALPHA
System: NetBSD rainier 1.5.1_ALPHA NetBSD 1.5.1_ALPHA (JCR-1.5-20010108) #0: Mon Jan 8 09:25:45 PST 2001 reed@rainier:/usr/src/sys/arch/i386/compile/JCR-1.5-20010108 i386

 telnet and tn3270 get a segmentation fault from a bad strcpy in 
 For further details look at:
  Use a 99999-character command line argument.
I guess it should check if hostp is too long and then give a
friendly error.
Problem I believe is on line 2434.

Or something like:

(void) strncpy(_hostname, hostp, sizeof(_hostname));