value: Check talloc buffers are the right length

author Arran Cudbard-Bell <a.cudbardb@freeradius.org>

Mon, 4 Sep 2023 05:32:35 +0000 (23:32 -0600)

committer Arran Cudbard-Bell <a.cudbardb@freeradius.org>

Mon, 4 Sep 2023 05:33:28 +0000 (23:33 -0600)
author Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Mon, 4 Sep 2023 05:32:35 +0000 (23:32 -0600)
committer Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Mon, 4 Sep 2023 05:33:28 +0000 (23:33 -0600)
diff --git a/src/lib/util/value.c b/src/lib/util/value.c

index 43cf5438b02defd54e6e5b0b6beaf2414b2ba2d6..78edae78712a06718c2b77ab5e2c777167c80f8a 100644 (file)
--- a/src/lib/util/value.c
+++ b/src/lib/util/value.c
@@ -5948,6 +5948,16 @@ DIAG_ON(nonnull-compare)
                 fr_fatal_assert_msg(vb->vb_strvalue[vb->vb_length] == '\0',
                                     "CONSISTENCY CHECK FAILED %s[%i]: fr_value_box_t strvalue field "
                                     "not null terminated", file, line);
+               if (vb->talloced) {
+                       size_t len = talloc_array_length(vb->vb_strvalue);
+
+                       /* We always \0 terminate to be safe, even though most things should use the len field */
+                       if (len <= vb->vb_length) {
+                               fr_fatal_assert_fail("CONSISTENCY CHECK FAILED %s[%u]: Expected fr_value_box_t->vb_strvalue talloc buffer "
+                                                   "len >= %zu, got %zu",
+                                                   file, line, vb->vb_length + 1, len);
+                       }
+               }
                 break;
  
         case FR_TYPE_OCTETS:
author	Arran Cudbard-Bell <a.cudbardb@freeradius.org>
	Mon, 4 Sep 2023 05:32:35 +0000 (23:32 -0600)
committer	Arran Cudbard-Bell <a.cudbardb@freeradius.org>
	Mon, 4 Sep 2023 05:33:28 +0000 (23:33 -0600)