From: Alan T. DeKok Date: Tue, 12 Oct 2021 14:57:50 +0000 (-0400) Subject: things from config files are not tainted by default X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=010666120770a010dc51af05936e2e0808596023;p=thirdparty%2Ffreeradius-server.git things from config files are not tainted by default exec_legacy already calls fr_pair_list_tainted(), as the output of exec is rather less trusted than the config files. Update the internal tests to remove the tainted flag. --- diff --git a/src/lib/util/pair_legacy.c b/src/lib/util/pair_legacy.c index 852c825895e..59f112277eb 100644 --- a/src/lib/util/pair_legacy.c +++ b/src/lib/util/pair_legacy.c @@ -247,7 +247,7 @@ fr_pair_t *fr_pair_make(TALLOC_CTX *ctx, fr_dict_t const *dict, fr_pair_list_t * * We probably want to fix fr_pair_value_from_str to accept * octets as values for any attribute. */ - if (value && (fr_pair_value_from_str(vp, value, -1, '\"', true) < 0)) { + if (value && (fr_pair_value_from_str(vp, value, -1, '\"', false) < 0)) { talloc_free(vp); return NULL; } @@ -525,7 +525,7 @@ static ssize_t fr_pair_list_afrom_substr(TALLOC_CTX *ctx, fr_dict_attr_t const * * don't know. So just mark it * as such to be safe. */ - } else if (fr_pair_value_from_str(vp, raw.r_opand, -1, '"', true) < 0) { + } else if (fr_pair_value_from_str(vp, raw.r_opand, -1, '"', false) < 0) { talloc_free(vp); goto error; } diff --git a/src/lib/util/value.c b/src/lib/util/value.c index 65d99b82e18..b045fbd0c06 100644 --- a/src/lib/util/value.c +++ b/src/lib/util/value.c @@ -4411,6 +4411,12 @@ int fr_value_box_from_str(TALLOC_CTX *ctx, fr_value_box_t *dst, len = (inlen < 0) ? strlen(in) : (size_t)inlen; + /* + * If the data is tainted, then the data should never be + * quoted. + */ + fr_assert(!tainted || (quote == 0)); + /* * Set size for all fixed length attributes. */ diff --git a/src/tests/unit/protocols/internal/encode.txt b/src/tests/unit/protocols/internal/encode.txt index 09bd43f247c..109540e04a3 100644 --- a/src/tests/unit/protocols/internal/encode.txt +++ b/src/tests/unit/protocols/internal/encode.txt @@ -3,11 +3,11 @@ proto-dictionary radius # Short string encode-pair User-Name = 'foo' -match 02 01 03 66 6f 6f +match 00 01 03 66 6f 6f # Long string encode-pair User-Name = "012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789" -match 06 01 01 2c 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 +match 04 01 01 2c 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 encode-pair Extended-Attribute-1.Unit-Ext-241-TLV.Unit-TLV-Integer = 1, Extended-Attribute-1.Unit-Ext-241-TLV.Unit-TLV-Integer = 2 -match 00 f1 0a 00 f3 07 02 01 04 00 00 00 01 00 f1 0a 00 f3 07 02 01 04 00 00 00 02 +match 00 f1 0a 00 f3 07 00 01 04 00 00 00 01 00 f1 0a 00 f3 07 00 01 04 00 00 00 02