https://gitlab.synchro.net/main/sbbs/-/commit/3d562c10cc0b6e57fae85e8d
Modified Files:
src/syncterm/rlogin.c
Log Message:
Fix GHost protocol 1-byte stack buffer overflow in rlogin.c
Move bounds check before recv() in both GHost negotiation loops.
Previously, rbuf[++idx]=0 wrote one byte past rbuf[10] before the
if(idx >= sizeof(rbuf)) check could fire. Now idx is checked against sizeof(rbuf)-1 before each recv(), preventing the overflow.
Co-Authored-By: Claude Opus 4.6 <
noreply@anthropic.com>