]> git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
projects / thirdparty / freeradius-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4f43d93)
Convince the compiler we know what we're doing
authorArran Cudbard-Bell <a.cudbardb@freeradius.org>
Thu, 29 Aug 2024 10:42:39 +0000 (05:42 -0500)
committerArran Cudbard-Bell <a.cudbardb@freeradius.org>
Thu, 29 Aug 2024 10:42:39 +0000 (05:42 -0500)
src/protocols/radius/base.c patch | blob | blame | history

diff --git a/src/protocols/radius/base.c b/src/protocols/radius/base.c
index 737d18e31498f043fd4f834b577cb10f5a0bba1f..7f3bd29534b5a3387cba60abe1a334af0fc50790 100644 (file)
--- a/src/protocols/radius/base.c
+++ b/src/protocols/radius/base.c
@@ -1072,10 +1072,18 @@ ssize_t fr_radius_decode(TALLOC_CTX *ctx, fr_pair_list_t *out,
        }
 
        if (decode_ctx->request_code) {
-               int code = packet[0];
+               unsigned int code = packet[0];
 
-               fr_assert(code < FR_RADIUS_CODE_MAX); /* checked by fr_radius_ok() */
-               fr_assert(decode_ctx->request_code < FR_RADIUS_CODE_MAX); /* checked by fr_radius_ok() */
+               /*
+                *      Quiet the compiler, which gets excited about an out
+                *      of bounds access in allowed_replies
+                */
+               if (!fr_cond_assert(code < FR_RADIUS_CODE_MAX)) {
+                       return DECODE_FAIL_UNKNOWN_PACKET_CODE; /* checked by fr_radius_ok() */
+               }
+               if (!fr_cond_assert(decode_ctx->request_code < FR_RADIUS_CODE_MAX)) {
+                       return DECODE_FAIL_UNKNOWN_PACKET_CODE; /* checked by fr_radius_ok() */
+               }
 
                if (!allowed_replies[code]) {
                        fr_strerror_printf("%s packet received unknown reply code %s",
Mirror of https://github.com/FreeRADIUS/freeradius-server.git