diff options
| author | Dmitry Kozlov <xeb@mail.ru> | 2014-06-17 17:14:26 +0400 |
|---|---|---|
| committer | Dmitry Kozlov <xeb@mail.ru> | 2014-07-11 15:02:34 +0400 |
| commit | 00981be8678f0bcd6bd4ac16cc0c06276af1f535 (patch) | |
| tree | 372c23829dce37bcb3a9d87a4c0c232b572119e6 | |
| parent | d3d02d2e1b415dd0b4a3832da3b852cacc9284a3 (diff) | |
| download | accel-ppp-00981be8678f0bcd6bd4ac16cc0c06276af1f535.tar.gz accel-ppp-00981be8678f0bcd6bd4ac16cc0c06276af1f535.zip | |
auth_mschap,radius: fixed improper passing MS-CHAP-Error, Reply-Message to auth modules
Passed strings was not nullterminated
| -rw-r--r-- | accel-pppd/auth/auth_mschap_v1.c | 2 | ||||
| -rw-r--r-- | accel-pppd/auth/auth_mschap_v2.c | 4 | ||||
| -rw-r--r-- | accel-pppd/radius/auth.c | 21 |
3 files changed, 21 insertions, 6 deletions
diff --git a/accel-pppd/auth/auth_mschap_v1.c b/accel-pppd/auth/auth_mschap_v1.c index 52823305..9c5ef9c2 100644 --- a/accel-pppd/auth/auth_mschap_v1.c +++ b/accel-pppd/auth/auth_mschap_v1.c @@ -323,6 +323,8 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h else ppp_auth_failed(ad->ppp, name); _free(name); + if (mschap_error != conf_msg_failure) + _free(mschap_error); } else { if (!ad->started) { if (ppp_auth_succeeded(ad->ppp, name)) { diff --git a/accel-pppd/auth/auth_mschap_v2.c b/accel-pppd/auth/auth_mschap_v2.c index 64748559..3ad304c5 100644 --- a/accel-pppd/auth/auth_mschap_v2.c +++ b/accel-pppd/auth/auth_mschap_v2.c @@ -394,6 +394,10 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h else ppp_auth_failed(ad->ppp, name); _free(name); + if (mschap_error != conf_msg_failure) + _free(mschap_error); + if (reply_msg != conf_msg_failure2) + _free(reply_msg); } else { if (!ad->started) { if (ppp_auth_succeeded(ad->ppp, name)) { diff --git a/accel-pppd/radius/auth.c b/accel-pppd/radius/auth.c index 14cb9b2c..02fdf8fe 100644 --- a/accel-pppd/radius/auth.c +++ b/accel-pppd/radius/auth.c @@ -441,8 +441,11 @@ int rad_auth_mschap_v1(struct radius_pd_t *rpd, const char *username, va_list ar rpd->auth_req->pack->id++; } else if (rpd->auth_req->reply) { ra = rad_packet_find_attr(rpd->auth_req->reply, "Microsoft", "MS-CHAP-Error"); - if (ra) - *mschap_error = ra->val.string; + if (ra) { + *mschap_error = _malloc(ra->len + 1); + memcpy(*mschap_error, ra->val.string, ra->len); + (*mschap_error)[ra->len] = 0; + } } return r; @@ -530,11 +533,17 @@ int rad_auth_mschap_v2(struct radius_pd_t *rpd, const char *username, va_list ar rpd->auth_req->pack->id++; } else if (rpd->auth_req->reply) { ra = rad_packet_find_attr(rpd->auth_req->reply, "Microsoft", "MS-CHAP-Error"); - if (ra) - *mschap_error = ra->val.string; + if (ra) { + *mschap_error = _malloc(ra->len + 1); + memcpy(*mschap_error, ra->val.string, ra->len); + (*mschap_error)[ra->len] = 0; + } ra = rad_packet_find_attr(rpd->auth_req->reply, NULL, "Reply-Message"); - if (ra) - *reply_msg = ra->val.string; + if (ra) { + *reply_msg = _malloc(ra->len + 1); + memcpy(*reply_msg, ra->val.string, ra->len); + (*reply_msg)[ra->len] = 0; + } } |