From: Alan T. DeKok
Date: Thu, 30 Mar 2023 02:23:35 +0000 (+0900)
Subject: more checks and sanity
X-Git-Tag: release_3_2_3~104
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=049a66572bb4e9c71d372558745a1dc73c6b7051;p=thirdparty%2Ffreeradius-server.git
more checks and sanity
allow extended types
---
diff --git a/src/modules/rlm_eap/rlm_eap.c b/src/modules/rlm_eap/rlm_eap.c
index 9a5ea00955..874eecc4ef 100644
--- a/src/modules/rlm_eap/rlm_eap.c
+++ b/src/modules/rlm_eap/rlm_eap.c
@@ -585,8 +585,12 @@ static rlm_rcode_t CC_HINT(nonnull) mod_pre_proxy(void *instance, REQUEST *reque
 if (vp->vp_octets[0] != PW_EAP_REQUEST) return RLM_MODULE_NOOP;
 if (!inst->max_eap_type) return RLM_MODULE_NOOP;
+ if (vp->vp_length < 5) return RLM_MODULE_NOOP;
+
+ if (vp->vp_octets[4] == 254) return RLM_MODULE_NOOP; /* allow extended types */
+
 if (vp->vp_octets[4] > inst->max_eap_type) {
- RDEBUG("EAP method %u is too large", vp->vp_octets[0]);
+ RDEBUG("EAP method %u is too large", vp->vp_octets[4]);
 return RLM_MODULE_REJECT;
 }
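Review bot: The new `vp->vp_length < 5` guard sits after the `vp->vp_octets[0] != PW_EAP_REQUEST` test, so within this hunk the code byte is still read before any length check. Unless a check outside the hunk already guarantees at least one octet, the guard should move above that line, i.e. `if (vp->vp_length < 5) return RLM_MODULE_NOOP;` placed first. The literals `5` and `254` would read better with a comment such as `/* code + id + length(2) + type */` and a named constant for the expanded type. Both new early returns are `RLM_MODULE_NOOP`, so a truncated EAP request and any expanded-type request are not subject to the `max_eap_type` limit; if that is intended, the option's documentation should say so. The enclosing function starts and ends outside the hunk.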