Overview

File strongswan-4.4.0-6.0.2_eap_mschapv2_failure_request_len.patch of Package strongswan.41228

diff -Naurp src.orig/libcharon/plugins/eap_mschapv2/eap_mschapv2.c src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
--- src.orig/libcharon/plugins/eap_mschapv2/eap_mschapv2.c	2025-10-15 19:26:06.535051197 +0530
+++ src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c	2025-10-16 12:12:07.475078094 +0530
@@ -851,7 +851,7 @@ static status_t process_peer_failure(pri
 	data = in->get_data(in);
 	eap = (eap_mschapv2_header_t*)data.ptr;
 
-	if (data.len < 3) /* we want at least an error code: E=e */
+	if (data.len < HEADER_LEN + 3) /* we want at least an error code: E=e */
 	{
 		DBG1(DBG_IKE, "received invalid EAP-MS-CHAPv2 message: too short");
 		return FAILED;
openSUSE Build Service is sponsored by
Places