Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:Update
freeradius-server.3979
19a18bf7_port.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 19a18bf7_port.patch of Package freeradius-server.3979
commit 19a18bf7c8af649c9e9742fb6a046f6aff639866 Author: Alan T. DeKok <aland@freeradius.org> Date: Mon Jul 3 15:42:35 2017 -0400 FR-GV-304 - check for option overflowing the packet Index: freeradius-server-3.0.3/src/modules/proto_dhcp/dhcp.c =================================================================== --- freeradius-server-3.0.3.orig/src/modules/proto_dhcp/dhcp.c +++ freeradius-server-3.0.3/src/modules/proto_dhcp/dhcp.c @@ -486,6 +486,24 @@ static int decode_tlv(RADIUS_PACKET *pac p = data; while (p < (data + data_len)) { + /* + * Not enough room for the option header, it's a + * bad packet. + */ + if ((p + 2) > (data + data_len)) { + pairfree(&head); + goto make_tlv; + } + + /* + * Not enough room for the option header + data, + * it's a bad packet. + */ + if ((p + 2 + p[1]) > (data + data_len)) { + pairfree(&head); + goto make_tlv; + } + vp = paircreate(packet, tlv->da->attr | (p[0] << 8), DHCP_MAGIC_VENDOR); if (!vp) { pairfree(&head);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor