During years, I have been using telnet with a ~/.telnetrc file to connect to a serial port server. This file had the following content :
Code:
serialsrv
mode char
set binary
Connecting with "telnet serialsrv" was dislaying the message "Negotiating binary mode with remote host." (due to "set binary" in file), and everything was working OK.
But
after upgrading to Fedora 25, I had unexpected local echo and no negotiation message anymore. The workaround was to type "mode char" and "set binary" at the telnet> prompt (reached with Ctrl-]), because the file was ignored.
After some debug I discovered that the
hostanme entry in the file (serialsrv) was not processed correctly due to strncpy() used on overlaping dest/src buffers (see telnet/commands.c, function cmdrc(), lines 2220,2222,2224). Overlaping is not allowed according to strncpy man page. The fix is to replace these three strncpy with memmove().
Strangely, rebuilding the telnet-0.17-68.fc25.x86_64 RPM package from source SRPM using "make" (rpm -i srpm + rpmbuild -bp specfile + make) solves the probem, but not when rebuilding with rpmbuild (rpm -i srpm + rpmbuild -bb specfile).
Building with "rpmbuild" uses extra compilation flags not present with "make". The extra flag showing this strncpy() programming issue is -Wp,-D_FORTIFY_SOURCE=2.
NOTE : as this problem is related to rpmbuild flags, it should also be present with other RPM based distros.
