From: Alan T. DeKok <aland@freeradius.org>
Date: Wed, 9 Sep 2015 19:16:28 +0000 (-0400)
Subject: Don't allow %{rand} is we require %{rand:...}
X-Git-Tag: release_3_0_10~144
X-Git-Url: http://www.project-moonshot.org/gitweb/?a=commitdiff_plain;h=9328e1d7c780223a1c3b338a4657e1eb698cb9c9;p=freeradius.git

Don't allow %{rand} is we require %{rand:...}
---

diff --git a/src/main/radattr.c b/src/main/radattr.c
index 5f017bf..c619432 100644
--- a/src/main/radattr.c
+++ b/src/main/radattr.c
@@ -977,7 +977,7 @@ int main(int argc, char *argv[])
 		return 1;
 	}
 
-	if (xlat_register("test", xlat_test, NULL, NULL) < 0) {
+	if (xlat_register("test", xlat_test, NULL, "") < 0) {
 		fprintf(stderr, "Failed registering xlat");
 		return 1;
 	}
diff --git a/src/main/xlat.c b/src/main/xlat.c
index 0f66897..3dfdad9 100644
--- a/src/main/xlat.c
+++ b/src/main/xlat.c
@@ -1280,6 +1280,7 @@ static ssize_t xlat_tokenize_expansion(TALLOC_CTX *ctx, char *fmt, xlat_exp_t **
 	 *	Check for empty expressions %{}
 	 */
 	if ((*q == '}') && (q == p)) {
+		talloc_free(node);
 		*error = "Empty expression is invalid";
 		return -(p - fmt);
 	}
@@ -1344,6 +1345,12 @@ static ssize_t xlat_tokenize_expansion(TALLOC_CTX *ctx, char *fmt, xlat_exp_t **
 	 */
 	if (node->attr.type == TMPL_TYPE_ATTR_UNDEFINED) {
 		node->xlat = xlat_find(node->attr.tmpl_unknown_name);
+		if (node->xlat && node->xlat->instance && !node->xlat->internal) {
+			talloc_free(node);
+			*error = "Missing content in expansion";
+			return -(p - fmt) - slen;
+		}
+
 		if (node->xlat) {
 			node->type = XLAT_VIRTUAL;
 			node->fmt = node->attr.tmpl_unknown_name;
diff --git a/src/tests/unit/xlat.txt b/src/tests/unit/xlat.txt
index 8b0bf5e..5dc4893 100644
--- a/src/tests/unit/xlat.txt
+++ b/src/tests/unit/xlat.txt
@@ -135,3 +135,8 @@ data "%t\tfoo"
 xlat "%t\t%{Client-IP-Address}"
 data "%t\t%{Client-IP-Address}"
 
+xlat "foo %{test}"
+data ERROR offset 11 'Missing content in expansion'
+
+xlat "foo %{test:foo}"
+data "foo %{test:foo}"