}
}
-void _fr_tacacs_packet_log_hex(fr_log_t const *log, fr_tacacs_packet_t const *packet, char const *file, int line)
+void _fr_tacacs_packet_log_hex(fr_log_t const *log, fr_tacacs_packet_t const *packet, size_t packet_len, char const *file, int line)
{
size_t length;
uint8_t const *p = (uint8_t const *) packet;
uint8_t const *hdr, *end, *args;
+ end = ((uint8_t const *) packet) + packet_len;
+
+ if (packet_len < 12) {
+ print_hex(log, file, line, "header ", p, packet_len, end);
+ return;
+ }
+
/*
* It has to be at least 12 bytes long.
*/
p += 12;
hdr = p;
- end = hdr + length;
+
+ if ((p + length) != end) {
+ fr_log(log, L_DBG, file, line, "length field does not match input packet length %08lx", packet_len - 12);
+ return;
+ }
#define OVERFLOW8(_field, _name) do { \
if ((p + _field) > end) { \
}
#ifndef NDEBUG
- if (fr_debug_lvl >= L_DBG_LVL_4) fr_tacacs_packet_log_hex(&default_log, pkt);
+ if (fr_debug_lvl >= L_DBG_LVL_4) fr_tacacs_packet_log_hex(&default_log, pkt, (end - buffer));
#endif
if (code) {
uint8_t flags = packet->hdr.flags;
packet->hdr.flags |= FR_TAC_PLUS_UNENCRYPTED_FLAG;
- fr_tacacs_packet_log_hex(&default_log, packet);
+ fr_tacacs_packet_log_hex(&default_log, packet, packet_len);
packet->hdr.flags = flags;
}
#endif
int fr_tacacs_body_xor(fr_tacacs_packet_t const *pkt, uint8_t *body, size_t body_len, char const *secret, size_t secret_len) CC_HINT(nonnull(1,2,4));
-#define fr_tacacs_packet_log_hex(_log, _packet) _fr_tacacs_packet_log_hex(_log, _packet, __FILE__, __LINE__);
-void _fr_tacacs_packet_log_hex(fr_log_t const *log, fr_tacacs_packet_t const *packet, char const *file, int line) CC_HINT(nonnull);
+#define fr_tacacs_packet_log_hex(_log, _packet, _size) _fr_tacacs_packet_log_hex(_log, _packet, _size, __FILE__, __LINE__);
+void _fr_tacacs_packet_log_hex(fr_log_t const *log, fr_tacacs_packet_t const *packet, size_t packet_len, char const *file, int line) CC_HINT(nonnull);
projects / thirdparty / freeradius-server.git / commitdiff
