xlat: Make xlat_eval_compiled binary safe
authorArran Cudbard-Bell <a.cudbardb@freeradius.org>
Tue, 27 Jun 2023 21:09:11 +0000 (17:09 -0400)
committerArran Cudbard-Bell <a.cudbardb@freeradius.org>
Tue, 27 Jun 2023 21:09:11 +0000 (17:09 -0400)
src/lib/unlang/xlat_eval.c

index db37245f7b01b5c4b3c1f74b641c9778e5ac6691..e59b2c91096c660c225f339ef7a531affaa7db5b 100644 (file)
@@ -1454,11 +1454,18 @@ static ssize_t _xlat_eval_compiled(TALLOC_CTX *ctx, char **out, size_t outlen, r
                return slen;
        }
 
+       if ((size_t)slen >= outlen) {
+               fr_strerror_const("Insufficient output buffer space");
+               return -1;
+       }
+
        /*
         *      Otherwise copy the talloced buffer to the fixed one.
         */
-       strlcpy(*out, buff, outlen);
+       memcpy(*out, buff, slen);
+       (*out)[slen] = '\0';
        talloc_free(buff);
+
        return slen;
 }
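Review bot: The new `return -1;` branch for an undersized output buffer returns without releasing `buff`, while the success path a few lines below calls `talloc_free(buff)` after the copy. The allocation of `buff` is outside this hunk, so it may be parented to `ctx` and reclaimed later, but on a long-lived context every oversized expansion would keep its temporary buffer alive; adding `talloc_free(buff);` before `return -1;` keeps both exits consistent. The `(size_t)slen` cast is only safe because negative values appear to be returned by the check that ends at the top of the hunk, which is worth a one-line comment such as `/* slen is >= 0 here, see error return above */`. Since the copy is now `memcpy` plus an explicit terminator, the function's doc comment (not visible here) should say that `*out` may contain embedded NUL bytes and that callers must use the returned length rather than `strlen()`.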