DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

RADIUS/EAP server: Use longer username buffer to avoid truncation

Browse source 
If the peer provides a username with large part of it being non-ASCII
characters, the previously used buffers may not have been long enough to
include the full string in debug logs and database search due to forced
truncation of the string by printf_encode(). Avoid this by increasing
the buffer sizes to fit in the maximum result.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2014-06-02 15:50:31 +03:00 committed by Jouni Malinen
parent ee54e4010e
commit 95f6f6a49d
4 changed files with 8 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/radius/radius_server.c
View file

@ -639,12 +639,12 @@ radius_server_get_new_session(struct radius_server_data *data,
sess->accept_attr = tmp.accept_attr;
sess->macacl = tmp.macacl;
sess->username = os_malloc(user_len * 2 + 1);
sess->username = os_malloc(user_len * 4 + 1);
if (sess->username == NULL) {
radius_server_session_free(data, sess);
return NULL;
}
printf_encode(sess->username, user_len * 2 + 1, user, user_len);
printf_encode(sess->username, user_len * 4 + 1, user, user_len);
sess->nas_ip = os_strdup(from_addr);
if (sess->nas_ip == NULL) {