DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

RADIUS/EAP server: Use longer username buffer to avoid truncation

Browse source 
If the peer provides a username with large part of it being non-ASCII
characters, the previously used buffers may not have been long enough to
include the full string in debug logs and database search due to forced
truncation of the string by printf_encode(). Avoid this by increasing
the buffer sizes to fit in the maximum result.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2014-06-02 15:50:31 +03:00 committed by Jouni Malinen
parent ee54e4010e
commit 95f6f6a49d
4 changed files with 8 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/eap_server/eap_server_identity.c
View file

@ -120,9 +120,9 @@ static void eap_identity_process(struct eap_sm *sm, void *priv,
return; /* Should not happen - frame already validated */
wpa_hexdump_ascii(MSG_DEBUG, "EAP-Identity: Peer identity", pos, len);
buf = os_malloc(len * 3 + 1);
buf = os_malloc(len * 4 + 1);
if (buf) {
printf_encode(buf, len * 3 + 1, pos, len);
printf_encode(buf, len * 4 + 1, pos, len);
eap_log_msg(sm, "EAP-Response/Identity '%s'", buf);
os_free(buf);
}

4
src/eap_server/eap_server_mschapv2.c
View file

@ -330,9 +330,9 @@ static void eap_mschapv2_process_response(struct eap_sm *sm,
wpa_printf(MSG_MSGDUMP, "EAP-MSCHAPV2: Flags 0x%x", flags);
wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-MSCHAPV2: Name", name, name_len);
buf = os_malloc(name_len * 3 + 1);
buf = os_malloc(name_len * 4 + 1);
if (buf) {
printf_encode(buf, name_len * 3 + 1, name, name_len);
printf_encode(buf, name_len * 4 + 1, name, name_len);
eap_log_msg(sm, "EAP-MSCHAPV2 Name '%s'", buf);
os_free(buf);
}

4
src/eap_server/eap_server_ttls.c
View file

@ -985,9 +985,9 @@ static void eap_ttls_process_phase2(struct eap_sm *sm,
if (parse.user_name) {
char *nbuf;
nbuf = os_malloc(parse.user_name_len * 3 + 1);
nbuf = os_malloc(parse.user_name_len * 4 + 1);
if (nbuf) {
printf_encode(nbuf, parse.user_name_len * 3 + 1,
printf_encode(nbuf, parse.user_name_len * 4 + 1,
parse.user_name,
parse.user_name_len);
eap_log_msg(sm, "TTLS-User-Name '%s'", nbuf);

4
src/radius/radius_server.c
View file

@ -639,12 +639,12 @@ radius_server_get_new_session(struct radius_server_data *data,
sess->accept_attr = tmp.accept_attr;
sess->macacl = tmp.macacl;
sess->username = os_malloc(user_len * 2 + 1);
sess->username = os_malloc(user_len * 4 + 1);
if (sess->username == NULL) {
radius_server_session_free(data, sess);
return NULL;
}
printf_encode(sess->username, user_len * 2 + 1, user, user_len);
printf_encode(sess->username, user_len * 4 + 1, user, user_len);
sess->nas_ip = os_strdup(from_addr);
if (sess->nas_ip == NULL) {