It was possible to circumvent telnet's security ``-E'' (no escape at all)

option by running it with ``-8 -E'' and passing it 0xff character. PR: 6317 Reviewed by: des, David Borman <dab@bsdi.com> (the author)
svn path=/head/; revision=47911
1999-06-14 18:46:15 +00:00 · 1999-06-14 18:46:15 +00:00 · 1c51699372 · 2020-12-20 02:59:44 +00:00
commit 1c51699372
parent b8f659fe68
1 changed files with 1 additions and 1 deletions
--- a/usr.bin/telnet/telnet.c
+++ b/usr.bin/telnet/telnet.c
@ -1987,7 +1987,7 @@ telsnd()
 		}
 		if ((sc == '\n') || (sc == '\r'))
 			bol = 1;
-	} else if (sc == escape) {
+	} else if (escape != _POSIX_VDISABLE && sc == escape) {
 	    /*
 	     * Double escape is a pass through of a single escape character.
 	     */