Fix possible bug

author Alan T. DeKok <aland@freeradius.org>

Thu, 6 Sep 2012 09:00:26 +0000 (11:00 +0200)

committer Alan T. DeKok <aland@freeradius.org>

Thu, 6 Sep 2012 09:33:17 +0000 (11:33 +0200)
author Alan T. DeKok <aland@freeradius.org>
Thu, 6 Sep 2012 09:00:26 +0000 (11:00 +0200)
committer Alan T. DeKok <aland@freeradius.org>
Thu, 6 Sep 2012 09:33:17 +0000 (11:33 +0200)
diff --git a/src/modules/rlm_otp/otp_pw_valid.c b/src/modules/rlm_otp/otp_pw_valid.c

index 271d3e174613e6886efc225ad57ec47bdc7f700b..4917a86d6033d8cbf5d8bebda6caf2427597943c 100644 (file)
--- a/src/modules/rlm_otp/otp_pw_valid.c
+++ b/src/modules/rlm_otp/otp_pw_valid.c
@@ -104,7 +104,7 @@ otp_pw_valid(REQUEST *request, int pwe, const char *challenge,
     */
    switch (otp_request.pwe.pwe) {
    case PWE_PAP:
-    if (rvp->length > OTP_MAX_PASSCODE_LEN) {
+    if (rvp->length >= sizeof(otp_request.pwe.u.pap.passcode)) {
        (void) radlog(L_AUTH, "rlm_otp: passcode for [%s] too long", username);
        return RLM_MODULE_REJECT;
      }
author	Alan T. DeKok <aland@freeradius.org>
	Thu, 6 Sep 2012 09:00:26 +0000 (11:00 +0200)
committer	Alan T. DeKok <aland@freeradius.org>
	Thu, 6 Sep 2012 09:33:17 +0000 (11:33 +0200)