diff options
| author | Jeremy Harris <jgh146exb@wizmail.org> | 2020-06-12 00:46:34 +0100 |
|---|---|---|
| committer | Jeremy Harris <jgh146exb@wizmail.org> | 2020-06-12 00:48:25 +0100 |
| commit | f91219c114a3d95792d052555664a5a7a3984a8d (patch) | |
| tree | 705da5da1bfbaa760ac36d9b29aed99d9fabad06 | |
| parent | e447a470aae2e45fc80bfb14a77b06e6f57f4d5c (diff) | |
Taint: fix radius expansion condition
| -rw-r--r-- | doc/doc-txt/ChangeLog | 2 | ||||
| -rw-r--r-- | src/src/auths/call_radius.c | 3 |
2 files changed, 2 insertions, 3 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 425264191..7284f9cfe 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -13,7 +13,7 @@ JH/01 Bug 1329: Fix format of Maildir-format filenames to match other mail- JH/02 Bug 2587: Fix pam expansion condition. Tainted values are commonly used as arguments, so an implementation trying to copy these into a local buffer was taking a taint-enforcement trap. Fix by using dynamically - created buffers. + created buffers. Similar fix for radius expansion condition. JH/03 Bug 2586: Fix listcount expansion operator. Using tainted arguments is reasonable, eg. to count headers. Fix by using dynamically created diff --git a/src/src/auths/call_radius.c b/src/src/auths/call_radius.c index cc269dcd5..9d10b34c6 100644 --- a/src/src/auths/call_radius.c +++ b/src/src/auths/call_radius.c @@ -96,8 +96,7 @@ int sep = 0; #endif -user = string_nextinlist(&radius_args, &sep, big_buffer, big_buffer_size); -if (!user) user = US""; +if (!(user = string_nextinlist(&radius_args, &sep, NULL, 0))) user = US""; DEBUG(D_auth) debug_printf("Running RADIUS authentication for user \"%s\" " "and \"%s\"\n", user, radius_args); |