From 8011d8b813f89ee23e491de0e1aa74576448b39b Mon Sep 17 00:00:00 2001 From: Jorge Pereira Date: Tue, 14 Mar 2023 16:09:56 -0300 Subject: [PATCH] Fix runtime error in file_common() Such error: src/modules/rlm_files/rlm_files.c:431:49: runtime error: null pointer passed as argument 3, which is declared to never be null src/freeradius-devel/radiusd.h:603:89: note: nonnull attribute specified here SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior src/modules/rlm_files/rlm_files.c:431:49 in --- src/lib/pair.c | 2 ++ src/modules/rlm_files/rlm_files.c | 31 ++++++++++++++++--------------- 2 files changed, 18 insertions(+), 15 deletions(-) diff --git a/src/lib/pair.c b/src/lib/pair.c index 637e5c1350..c06961ccf8 100644 --- a/src/lib/pair.c +++ b/src/lib/pair.c @@ -2279,6 +2279,8 @@ void fr_pair_value_bstrncpy(VALUE_PAIR *vp, void const *src, size_t len) VERIFY_VP(vp); + if (!src) return; + p = talloc_array(vp, char, len + 1); if (!p) return; diff --git a/src/modules/rlm_files/rlm_files.c b/src/modules/rlm_files/rlm_files.c index 9e77cd7ff1..2a16c3f820 100644 --- a/src/modules/rlm_files/rlm_files.c +++ b/src/modules/rlm_files/rlm_files.c @@ -346,8 +346,8 @@ static rlm_rcode_t file_common(rlm_files_t *inst, REQUEST *request, char const * RADIUS_PACKET *request_packet, RADIUS_PACKET *reply_packet) { char const *name; - VALUE_PAIR *check_tmp; - VALUE_PAIR *reply_tmp; + VALUE_PAIR *check_tmp = NULL; + VALUE_PAIR *reply_tmp = NULL; PAIR_LIST const *user_pl, *default_pl; bool found = false; PAIR_LIST my_pl; @@ -404,14 +404,16 @@ static rlm_rcode_t file_common(rlm_files_t *inst, REQUEST *request, char const * default_pl = default_pl->next; } - check_tmp = fr_pair_list_copy(request, pl->check); - for (vp = fr_cursor_init(&cursor, &check_tmp); - vp; - vp = fr_cursor_next(&cursor)) { - if (radius_xlat_do(request, vp) < 0) { - RWARN("Failed parsing expanded value for check item, skipping entry: %s", fr_strerror()); - fr_pair_list_free(&check_tmp); - continue; + if (pl->check) { + check_tmp = fr_pair_list_copy(request, pl->check); + for (vp = fr_cursor_init(&cursor, &check_tmp); + vp; + vp = fr_cursor_next(&cursor)) { + if (radius_xlat_do(request, vp) < 0) { + RWARN("Failed parsing expanded value for check item, skipping entry: %s", fr_strerror()); + fr_pair_list_free(&check_tmp); + continue; + } } } @@ -421,15 +423,15 @@ static rlm_rcode_t file_common(rlm_files_t *inst, REQUEST *request, char const * /* ctx may be reply or proxy */ reply_tmp = fr_pair_list_copy(reply_packet, pl->reply); - radius_pairmove(request, &reply_packet->vps, reply_tmp, true); + if (reply_tmp) radius_pairmove(request, &reply_packet->vps, reply_tmp, true); + fr_pair_list_move(request, &request->config, &check_tmp, T_OP_ADD); fr_pair_list_free(&check_tmp); /* * Fallthrough? */ - if (!fall_through(pl->reply)) - break; + if (!fall_through(pl->reply)) break; } } @@ -441,8 +443,7 @@ static rlm_rcode_t file_common(rlm_files_t *inst, REQUEST *request, char const * /* * See if we succeeded. */ - if (!found) - return RLM_MODULE_NOOP; /* on to the next module */ + if (!found) return RLM_MODULE_NOOP; /* on to the next module */ return RLM_MODULE_OK; -- 2.47.3