]> git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
projects / thirdparty / freeradius-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1020a0c)
Make room for NUL in the extreme case in xlat_config_escape(). (#4569)
authorJames Jones <jejones3141@gmail.com>
Thu, 16 Jun 2022 18:38:31 +0000 (13:38 -0500)
committerGitHub <noreply@github.com>
Thu, 16 Jun 2022 18:38:31 +0000 (13:38 -0500)
The VLA escaped[] can handle the probably unlikely worst case of
every character from the value box requiring MIME encoding...
except that a NUL is appended, so one might as well accommodate
it in that worst case.

src/lib/server/main_config.c patch | blob | blame | history

diff --git a/src/lib/server/main_config.c b/src/lib/server/main_config.c
index 4c3dd265f996d58511365384e1f0a264f236ebe7..84912ca2f0a1b456ecb54441492c6b486922e5fe 100644 (file)
--- a/src/lib/server/main_config.c
+++ b/src/lib/server/main_config.c
@@ -443,7 +443,7 @@ static int xlat_config_escape(UNUSED request_t *request, fr_value_box_t *vb, UNU
        static char const       disallowed[] = "%{}\\'\"`";
        size_t                  outmax = vb->vb_length * 3;
        size_t                  outlen = 0;
-       char                    escaped[outmax];
+       char                    escaped[outmax + 1];
        char const              *in, *end;
        char                    *out = escaped;
 
Mirror of https://github.com/FreeRADIUS/freeradius-server.git