1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
--- a/libtac/include/libtac.h
+++ b/libtac/include/libtac.h
@@ -66,6 +66,8 @@ extern int logmsg __P((int, const char*,
typedef unsigned int u_int32_t;
#endif
+#define TAC_PLUS_ATTRIB_MAX_LEN 255
+
struct tac_attrib {
char *attr;
u_char attr_len;
--- a/libtac/lib/attrib.c
+++ b/libtac/lib/attrib.c
@@ -29,24 +29,34 @@ void tac_add_attrib(struct tac_attrib **
void tac_add_attrib_pair(struct tac_attrib **attr, char *name, char sep, char *value) {
struct tac_attrib *a;
- u_char l1 = (u_char) strlen(name);
- u_char l2;
+ size_t l1 = strlen(name);
+ size_t l2;
int total_len;
-
+
+ if (l1 > TAC_PLUS_ATTRIB_MAX_LEN-1) { /* take sep into account */
+ TACSYSLOG((LOG_WARNING,\
+ "%s: attribute `%s' exceeds max. %d characters, skipping",\
+ __FUNCTION__, name, TAC_PLUS_ATTRIB_MAX_LEN-1))
+ return;
+ }
+
+ total_len = l1 + 1; /* "name" + "sep" */
+
if (value == NULL) {
l2 = 0;
} else {
- l2 = (u_char) strlen(value);
+ l2 = strlen(value);
}
- total_len = l1 + l2 + 1; /* "name" + "=" + "value" */
- if (total_len > 255) {
+ if (l2 > TAC_PLUS_ATTRIB_MAX_LEN-total_len) {
TACSYSLOG((LOG_WARNING,\
- "%s: attribute `%s' total length exceeds 255 characters, skipping",\
- __FUNCTION__, name))
+ "%s: attribute `%s' total length exceeds %d characters, skipping",\
+ __FUNCTION__, name, TAC_PLUS_ATTRIB_MAX_LEN))
return;
}
-
+
+ total_len += l2;
+
/* initialize the list if application passed us a null pointer */
if(*attr == NULL) {
*attr = (struct tac_attrib *) xcalloc(1, sizeof(struct tac_attrib));
|
