Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
freeradius-server.3979
6726c165_port.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 6726c165_port.patch of Package freeradius-server.3979
commit 6726c16549b131ed39f6f8886cdf5d9d922a9a97 Author: Alan T. DeKok <aland@freeradius.org> Date: Tue Jun 27 21:54:10 2017 -0400 FR-GV-302 - do checks based on pointers, not on decoded data because decoded data may be empty Index: freeradius-server-3.0.3/src/lib/radius.c =================================================================== --- freeradius-server-3.0.3.orig/src/lib/radius.c +++ freeradius-server-3.0.3/src/lib/radius.c @@ -2933,16 +2933,23 @@ static ssize_t data2vp_concat(RADIUS_PAC * don't care about walking off of the end of it. */ while (ptr < end) { + if (ptr[1] < 2) return -1; + if ((ptr + ptr[1]) > end) return -1; + total += ptr[1] - 2; ptr += ptr[1]; + if (ptr == end) break; + /* * Attributes MUST be consecutive. */ if (ptr[0] != attr) break; } + end = ptr; + vp = pairalloc(packet, da); if (!vp) return -1; @@ -2955,7 +2962,7 @@ static ssize_t data2vp_concat(RADIUS_PAC total = 0; ptr = start; - while (total < vp->length) { + while (ptr < end) { memcpy(p, ptr + 2, ptr[1] - 2); p += ptr[1] - 2; total += ptr[1] - 2; @@ -2963,6 +2970,7 @@ static ssize_t data2vp_concat(RADIUS_PAC } *pvp = vp; + return ptr - start; } Index: freeradius-server-3.0.3/src/tests/unit/rfc.txt =================================================================== --- freeradius-server-3.0.3.orig/src/tests/unit/rfc.txt +++ freeradius-server-3.0.3/src/tests/unit/rfc.txt @@ -111,6 +111,18 @@ data Framed-IP-Address = 127.0.0.1 attribute Framed-IP-Address = 127.0.0.1/323 data Invalid IP address suffix "/323". Only '/32' permitted for non-prefix types +# +# A "concat" attribute, with no data +# +decode 89 02 +data PKM-SS-Cert = 0x + +# +# Or with weirdly formatted data +# +decode 89 03 ff 89 02 89 03 fe +data PKM-SS-Cert = 0xfffe + $INCLUDE errors.txt $INCLUDE extended.txt $INCLUDE lucent.txt
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor