]> git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
projects / thirdparty / freeradius-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e8c2310)
Fix CVE-2012-3547. Found by Timo Warns.
authorAlan T. DeKok <aland@freeradius.org>
Mon, 10 Sep 2012 06:20:13 +0000 (08:20 +0200)
committerAlan T. DeKok <aland@freeradius.org>
Thu, 13 Sep 2012 10:52:13 +0000 (12:52 +0200)
src/main/tls.c patch | blob | blame | history

diff --git a/src/main/tls.c b/src/main/tls.c
index beb48216b7f44f32674af4981ca18bd41a1147ef..ab061bc9a729c6fba6a8f4439d0acb85f7a74cc5 100644 (file)
--- a/src/main/tls.c
+++ b/src/main/tls.c
@@ -1380,7 +1380,7 @@ int cbtls_verify(int ok, X509_STORE_CTX *ctx)
        buf[0] = '\0';
        asn_time = X509_get_notAfter(client_cert);
        if (identity && (lookup <= 1) && asn_time &&
-           (asn_time->length < MAX_STRING_LEN)) {
+           (asn_time->length < sizeof(buf))) {
                memcpy(buf, (char*) asn_time->data, asn_time->length);
                buf[asn_time->length] = '\0';
                pairadd(certs,
Mirror of https://github.com/FreeRADIUS/freeradius-server.git