more checks and sanity

author Alan T. DeKok <aland@freeradius.org>

Thu, 30 Mar 2023 02:23:35 +0000 (11:23 +0900)

committer Alan T. DeKok <aland@freeradius.org>

Thu, 30 Mar 2023 02:23:35 +0000 (11:23 +0900)
author Alan T. DeKok <aland@freeradius.org>
Thu, 30 Mar 2023 02:23:35 +0000 (11:23 +0900)
committer Alan T. DeKok <aland@freeradius.org>
Thu, 30 Mar 2023 02:23:35 +0000 (11:23 +0900)
diff --git a/src/modules/rlm_eap/rlm_eap.c b/src/modules/rlm_eap/rlm_eap.c

index 9a5ea0095510c05986263130b663be9f440713a2..874eecc4efd5ab34452929e706995ae349b2ed08 100644 (file)
--- a/src/modules/rlm_eap/rlm_eap.c
+++ b/src/modules/rlm_eap/rlm_eap.c
@@ -585,8 +585,12 @@ static rlm_rcode_t CC_HINT(nonnull) mod_pre_proxy(void *instance, REQUEST *reque
         if (vp->vp_octets[0] != PW_EAP_REQUEST) return RLM_MODULE_NOOP;
         if (!inst->max_eap_type) return RLM_MODULE_NOOP;
  
+       if (vp->vp_length < 5) return RLM_MODULE_NOOP;
+
+       if (vp->vp_octets[4] == 254) return RLM_MODULE_NOOP; /* allow extended types */
+
         if (vp->vp_octets[4] > inst->max_eap_type) {
-               RDEBUG("EAP method %u is too large", vp->vp_octets[0]);
+               RDEBUG("EAP method %u is too large", vp->vp_octets[4]);
                 return RLM_MODULE_REJECT;
         }
author	Alan T. DeKok <aland@freeradius.org>
	Thu, 30 Mar 2023 02:23:35 +0000 (11:23 +0900)
committer	Alan T. DeKok <aland@freeradius.org>
	Thu, 30 Mar 2023 02:23:35 +0000 (11:23 +0900)