File 41dfe9f0.patch of Package freeradius-server.27524

commit 41dfe9f0ca550ceb5f152ba8baf03fd6222d7119
Author: Alan T. DeKok <aland@freeradius.org>
Date:   Wed Jul 5 11:27:55 2017 -0400

    FR-AD-001 - (v3) use strncmp() instead of memcmp() for bounded data

diff --git a/src/main/conffile.c b/src/main/conffile.c
index 5f4c72269..3b634554c 100644
--- a/src/main/conffile.c
+++ b/src/main/conffile.c
@@ -1199,7 +1199,7 @@ static char const *cf_expand_variables(char const *cf, int *lineno,
 				ERROR("%s[%d]: Reference \"%s\" type is invalid", cf, *lineno, input);
 				return NULL;
 			}
-		} else if (memcmp(ptr, "$ENV{", 5) == 0) {
+		} else if (strncmp(ptr, "$ENV{", 5) == 0) {
 			char *env;
 
 			ptr += 5;

Places

File 41dfe9f0.patch of Package freeradius-server.27524

Places