diff options
| author | Dmitry Kozlov <xeb@mail.ru> | 2014-06-17 17:14:26 +0400 |
|---|---|---|
| committer | Dmitry Kozlov <xeb@mail.ru> | 2014-06-17 17:14:26 +0400 |
| commit | c69fb2ed39346fd5091a4e30606cb5bb866aa432 (patch) | |
| tree | 757fb839c2a7a852a08ae36542f7e9cee2b55a7f | |
| parent | 861ea516ec07b9a67567c439a6a4077d8a4fd518 (diff) | |
| download | accel-ppp-xebd-c69fb2ed39346fd5091a4e30606cb5bb866aa432.tar.gz accel-ppp-xebd-c69fb2ed39346fd5091a4e30606cb5bb866aa432.zip | |
auth_mschap,radius: fixed improper passing MS-CHAP-Error, Reply-Message to auth modules
Passed strings was not nullterminated
| -rw-r--r-- | accel-pppd/auth/auth_mschap_v1.c | 2 | ||||
| -rw-r--r-- | accel-pppd/auth/auth_mschap_v2.c | 4 | ||||
| -rw-r--r-- | accel-pppd/radius/auth.c | 21 |
3 files changed, 21 insertions, 6 deletions
diff --git a/accel-pppd/auth/auth_mschap_v1.c b/accel-pppd/auth/auth_mschap_v1.c index 0dcaffd..8491e2c 100644 --- a/accel-pppd/auth/auth_mschap_v1.c +++ b/accel-pppd/auth/auth_mschap_v1.c @@ -323,6 +323,8 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h else ppp_auth_failed(ad->ppp, name); _free(name); + if (mschap_error != conf_msg_failure) + _free(mschap_error); } else { if (!ad->started) { if (ppp_auth_succeeded(ad->ppp, name)) { diff --git a/accel-pppd/auth/auth_mschap_v2.c b/accel-pppd/auth/auth_mschap_v2.c index 3ee2adc..d679aca 100644 --- a/accel-pppd/auth/auth_mschap_v2.c +++ b/accel-pppd/auth/auth_mschap_v2.c @@ -394,6 +394,10 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h else ppp_auth_failed(ad->ppp, name); _free(name); + if (mschap_error != conf_msg_failure) + _free(mschap_error); + if (reply_msg != conf_msg_failure2) + _free(reply_msg); } else { if (!ad->started) { if (ppp_auth_succeeded(ad->ppp, name)) { diff --git a/accel-pppd/radius/auth.c b/accel-pppd/radius/auth.c index 675f948..f4efe3b 100644 --- a/accel-pppd/radius/auth.c +++ b/accel-pppd/radius/auth.c @@ -443,8 +443,11 @@ int rad_auth_mschap_v1(struct radius_pd_t *rpd, const char *username, va_list ar rpd->auth_req->pack->id++; } else if (rpd->auth_req->reply) { ra = rad_packet_find_attr(rpd->auth_req->reply, "Microsoft", "MS-CHAP-Error"); - if (ra) - *mschap_error = ra->val.string; + if (ra) { + *mschap_error = _malloc(ra->len + 1); + memcpy(*mschap_error, ra->val.string, ra->len); + (*mschap_error)[ra->len] = 0; + } } out: @@ -531,11 +534,17 @@ int rad_auth_mschap_v2(struct radius_pd_t *rpd, const char *username, va_list ar rpd->auth_req->pack->id++; } else if (rpd->auth_req->reply) { ra = rad_packet_find_attr(rpd->auth_req->reply, "Microsoft", "MS-CHAP-Error"); - if (ra) - *mschap_error = ra->val.string; + if (ra) { + *mschap_error = _malloc(ra->len + 1); + memcpy(*mschap_error, ra->val.string, ra->len); + (*mschap_error)[ra->len] = 0; + } ra = rad_packet_find_attr(rpd->auth_req->reply, NULL, "Reply-Message"); - if (ra) - *reply_msg = ra->val.string; + if (ra) { + *reply_msg = _malloc(ra->len + 1); + memcpy(*reply_msg, ra->val.string, ra->len); + (*reply_msg)[ra->len] = 0; + } } out: |