-From ff5147c9e5088c7cf5c0b6ec6bfdd3a9d2042a28 Mon Sep 17 00:00:00 2001\r
-From: Arran Cudbard-Bell <a.cudbardb@freeradius.org>\r
-Date: Thu, 13 Feb 2014 13:49:54 +0000\r
-Subject: [PATCH 1/1] Fix potential crash with SSHA and salts > 44bytes\r
-\r
----\r
- src/modules/rlm_pap/rlm_pap.c | 10 ++++++----\r
- 1 file changed, 6 insertions(+), 4 deletions(-)\r
-\r
-diff --git a/src/modules/rlm_pap/rlm_pap.c b/src/modules/rlm_pap/rlm_pap.c\r
-index 689acf0..1bf6d4e 100644\r
---- a/src/modules/rlm_pap/rlm_pap.c\r
-+++ b/src/modules/rlm_pap/rlm_pap.c\r
-@@ -123,7 +123,7 @@ static int mod_instantiate(CONF_SECTION *conf, void *instance)\r
- static void normify(REQUEST *request, VALUE_PAIR *vp, size_t min_length)\r
- {\r
- \r
-- uint8_t buffer[64];\r
-+ uint8_t buffer[256];\r
- \r
- if (min_length >= sizeof(buffer)) return; /* paranoia */\r
- \r
-@@ -132,9 +132,10 @@ static void normify(REQUEST *request, VALUE_PAIR *vp, size_t min_length)\r
- */\r
- if (vp->length >= (2 * min_length)) {\r
- size_t decoded;\r
-- decoded = fr_hex2bin(buffer, vp->vp_strvalue, vp->length >> 1);\r
-+ decoded = fr_hex2bin(buffer, vp->vp_strvalue, sizeof(buffer));\r
- if (decoded == (vp->length >> 1)) {\r
-- RDEBUG2("Normalizing %s from hex encoding", vp->da->name);\r
-+ RDEBUG2("Normalizing %s from hex encoding, %zu bytes -> %zu bytes",\r
-+ vp->da->name, vp->length, decoded);\r
- pairmemcpy(vp, buffer, decoded);\r
- return;\r
- }\r
-@@ -150,7 +151,8 @@ static void normify(REQUEST *request, VALUE_PAIR *vp, size_t min_length)\r
- sizeof(buffer));\r
- if (decoded < 0) return;\r
- if (decoded >= (ssize_t) min_length) {\r
-- RDEBUG2("Normalizing %s from base64 encoding", vp->da->name);\r
-+ RDEBUG2("Normalizing %s from base64 encoding, %zu bytes -> %zu bytes",\r
-+ vp->da->name, vp->length, decoded);\r
- pairmemcpy(vp, buffer, decoded);\r
- return;\r
- }\r
--- \r
-1.8.5.3\r
-\r
projects / moonshot.git / blobdiff