54 lines
1.6 KiB
Diff
54 lines
1.6 KiB
Diff
From 0ec2b39d260e08e4c3464f6b95005821dc559c62 Mon Sep 17 00:00:00 2001
|
|
From: "Alan T. DeKok" <aland@freeradius.org>
|
|
Date: Mon, 28 Feb 2022 10:34:15 -0500
|
|
Subject: [PATCH] manual port of commit 5906bfa1
|
|
|
|
CVE: CVE-2022-41861
|
|
|
|
Upstream-Status: Backport
|
|
[https://github.com/FreeRADIUS/freeradius-server/commit/0ec2b39d260e08e4c3464f6b95005821dc559c62]
|
|
|
|
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
|
|
---
|
|
src/lib/filters.c | 12 +++++++++---
|
|
1 file changed, 9 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/src/lib/filters.c b/src/lib/filters.c
|
|
index 4868cd385d..3f3b63daee 100644
|
|
--- a/src/lib/filters.c
|
|
+++ b/src/lib/filters.c
|
|
@@ -1205,13 +1205,19 @@ void print_abinary(char *out, size_t outlen, uint8_t const *data, size_t len, in
|
|
}
|
|
}
|
|
} else if (filter->type == RAD_FILTER_GENERIC) {
|
|
- int count;
|
|
+ size_t count, masklen;
|
|
+
|
|
+ masklen = ntohs(filter->u.generic.len);
|
|
+ if (masklen >= sizeof(filter->u.generic.mask)) {
|
|
+ *p = '\0';
|
|
+ return;
|
|
+ }
|
|
|
|
i = snprintf(p, outlen, " %u ", (unsigned int) ntohs(filter->u.generic.offset));
|
|
p += i;
|
|
|
|
/* show the mask */
|
|
- for (count = 0; count < ntohs(filter->u.generic.len); count++) {
|
|
+ for (count = 0; count < masklen; count++) {
|
|
i = snprintf(p, outlen, "%02x", filter->u.generic.mask[count]);
|
|
p += i;
|
|
outlen -= i;
|
|
@@ -1222,7 +1228,7 @@ void print_abinary(char *out, size_t outlen, uint8_t const *data, size_t len, in
|
|
outlen--;
|
|
|
|
/* show the value */
|
|
- for (count = 0; count < ntohs(filter->u.generic.len); count++) {
|
|
+ for (count = 0; count < masklen; count++) {
|
|
i = snprintf(p, outlen, "%02x", filter->u.generic.value[count]);
|
|
p += i;
|
|
outlen -= i;
|
|
--
|
|
2.25.1
|
|
|