jdd@allegra.UUCP (11/08/83)
There are several bugs in telnetd(8) in 4.2BSD. First, it loses characters from the remote side. There's a place in telnet() where it reads bytes from the pty and stores them in netobuf[] (via *nfrontp++), to be written by a netflush(). If it can't fit them all at once (perhaps because a previous netflush() couldn't empty netobuf[]), it throws the rest away. As a result, if the network doesn't run quite as fast as you'd expected, you lose characters. (We're running on a network with a small IP packet size, so this happens frequently.) At least this is better than all of the sprintf's into netobuf[] (via nfrontp) that don't even check whether there is space remaining or not. By the mechanism above, these have a very good chance at overrunning the end of the array. Oh, and there are variables, like "pcc" and "options", that are referenced before they are used. This is at best poor coding style. I have also noticed that when telnetd(8) logs me in, it does it in such a way as not to mention me in /etc/utmp or /usr/adm/wtmp. More on this later. Cheers, John ("Barely Here") DeTreville Bell Labs, Murray Hill