From: Alan T. DeKok <aland@freeradius.org>
Date: Wed, 31 Aug 2016 14:26:09 +0000 (-0400)
Subject: check for enough room
X-Git-Tag: release_3_0_12~87
X-Git-Url: http://www.project-moonshot.org/gitweb/?a=commitdiff_plain;h=6b4faf5f9189fb7213cf6392dc953bb505f83d64;p=freeradius.git

check for enough room
---

diff --git a/src/lib/token.c b/src/lib/token.c
index bb184df..8ae41b3 100644
--- a/src/lib/token.c
+++ b/src/lib/token.c
@@ -310,13 +310,17 @@ static FR_TOKEN getthing(char const **ptr, char *buf, int buflen, bool tok,
 
 		} else {
 			/*
-			 *	Deal with quotes and escapes, but don't mash
-			 *	escaped characters into their non-escaped
-			 *	equivalent.
+			 *	Convert backslash-quote to quote, but
+			 *	leave everything else alone.
 			 */
 			if (p[1] == quote) { /* convert '\'' --> ' */
 				p++;
 			} else {
+				if (buflen < 2) {
+					fr_strerror_printf("Truncated input");
+					return T_INVALID;
+				}
+
 				*(s++) = *(p++);
 			}
 			*(s++) = *(p++);