As pointed out by Dan Rosenberg our telnet client has the same

overflow when using encryption as the recent FreeBSD advisory.
Use the same approach taken in FreeBSD to protect against malicious servers.

ok miod@

1 files changed, 4 insertions, 1 deletions

diff --git a/usr.bin/telnet/encrypt.c b/usr.bin/telnet/encrypt.c
index 4781e991b3d..006bd25cfe7 100644
--- a/usr.bin/telnet/encrypt.c
+++ b/usr.bin/telnet/encrypt.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: encrypt.c,v 1.3 2006/12/21 02:44:55 krw Exp $     */
+/*     $OpenBSD: encrypt.c,v 1.4 2011/12/28 21:09:48 jsg Exp $     */
 
 /*-
  * Copyright (c) 1991, 1993
@@ -739,6 +739,9 @@ encrypt_keyid(struct key_info *kp, unsigned char *keyid, int len)
     int dir = kp->dir;
     int ret = 0;
 
+    if (len > MAXKEYLEN)
+        len = MAXKEYLEN;
+
     if (!(ep = (*kp->getcrypt)(*kp->modep))) {
 	if (len == 0)
 	    return;