[Midnightbsd-cvs] [MidnightBSD/src] 3ca6cf: libradius did not perform sufficient validation of...
Lucas Holt
noreply at github.com
Wed May 26 22:40:54 EDT 2021
Branch: refs/heads/stable/2.0
Home: https://github.com/MidnightBSD/src
Commit: 3ca6cf2475add3bd123eb5affa9185402ed50efc
https://github.com/MidnightBSD/src/commit/3ca6cf2475add3bd123eb5affa9185402ed50efc
Author: Lucas Holt <luke at foolishgames.com>
Date: 2021-05-26 (Wed, 26 May 2021)
Changed paths:
M lib/libradius/radlib.c
Log Message:
-----------
libradius did not perform sufficient validation of received messages.

rad_get_attr(3) did not verify that the attribute length is valid before
subtracting the length of the Type and Length fields. As a result, it
could return success while also providing a bogus length of SIZE_T_MAX -
2 for the Value field.

When processing attributes to find an optional authenticator,
is_valid_response() failed to verify that each attribute length is
non-zero and could thus enter an infinite loop.

Obtained from: FreeBSD
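
The two checks the log message describes, shown as an added example that is not the libradius code or the committed fix: a walker over Type/Length/Value attributes that rejects a Length below 2 or past the end of the buffer before subtracting the header size. The names `find_attr`, `probe`, `value_len_unchecked` and the sample buffers are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ATTR_HDR_LEN 2 /* Type (1 byte) + Length (1 byte); Length counts both */

/* The unchecked subtraction: wraps to a huge size_t when attr_len < 2. */
size_t value_len_unchecked(uint8_t attr_len) {
    return (size_t)attr_len - ATTR_HDR_LEN;
}

/* Hypothetical helper: find the first attribute of type `want` in buf[0..len).
 * Returns 1 if found (*val, *val_len set), 0 if absent, -1 if malformed. */
int find_attr(const uint8_t *buf, size_t len, uint8_t want,
              const uint8_t **val, size_t *val_len) {
    size_t pos = 0;
    while (pos < len) {
        if (len - pos < ATTR_HDR_LEN) return -1; /* truncated header */
        uint8_t alen = buf[pos + 1];
        if (alen < ATTR_HDR_LEN) return -1;      /* 0 or 1: underflow, no progress */
        if (alen > len - pos) return -1;         /* value runs past the buffer */
        if (buf[pos] == want) {
            *val = buf + pos + ATTR_HDR_LEN;
            *val_len = (size_t)alen - ATTR_HDR_LEN;
            return 1;
        }
        pos += alen;                             /* alen >= 2: always advances */
    }
    return 0;
}

/* Constructed sample attribute blocks (not captured traffic). */
const uint8_t ok_attrs[] = {1, 5, 'b', 'o', 'b', 4, 6, 192, 0, 2, 1};
const uint8_t zero_len[] = {1, 0, 4, 6, 192, 0, 2, 1};
const uint8_t overrun[]  = {1, 5, 'b', 'o', 'b', 4, 9, 192, 0};

/* Returns the value length if found, -1 if absent, -2 if malformed. */
long probe(const uint8_t *buf, size_t len, uint8_t want) {
    const uint8_t *v;
    size_t n;
    int rc = find_attr(buf, len, want, &v, &n);
    if (rc == 1) return (long)n;
    return rc == 0 ? -1 : -2;
}

int main(void) {
    printf("ok=%ld zero=%ld overrun=%ld\n", probe(ok_attrs, sizeof ok_attrs, 4),
           probe(zero_len, sizeof zero_len, 4), probe(overrun, sizeof overrun, 4));
    return 0;
}
```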