From: Alan T. DeKok <aland@freeradius.org>
Date: Mon, 24 Mar 2025 09:32:39 +0000 (+0200)
Subject: tmpl_aexpand() type doesn't need escape functions
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2ed5d101ddeb2c3f058d236eccaa7842d6994aca;p=thirdparty%2Ffreeradius-server.git

tmpl_aexpand() type doesn't need escape functions

the only two callers didn't pass it, and the output data is only
used for key comparisons (csv) or for delays (delay)

We also cap delays, so that they are not crazy :(
---

diff --git a/src/lib/server/tmpl.h b/src/lib/server/tmpl.h
index b9a5bda06b1..92c9e7399b3 100644
--- a/src/lib/server/tmpl.h
+++ b/src/lib/server/tmpl.h
@@ -1082,8 +1082,8 @@ typedef enum {
  *
  * @see _tmpl_to_atype
  */
-#define tmpl_aexpand_type(_ctx, _out, _type, _request, _vpt, _escape, _escape_ctx) \
-			  _tmpl_to_atype(_ctx, (void *)(_out), _request, _vpt, _escape, _escape_ctx, _type)
+#define tmpl_aexpand_type(_ctx, _out, _type, _request, _vpt) \
+			  _tmpl_to_atype(_ctx, (void *)(_out), _request, _vpt, NULL, NULL, _type)
 
 void			tmpl_debug(tmpl_t const *vpt) CC_HINT(nonnull);
 
diff --git a/src/modules/rlm_csv/rlm_csv.c b/src/modules/rlm_csv/rlm_csv.c
index 853bde97c05..96a6c280f7d 100644
--- a/src/modules/rlm_csv/rlm_csv.c
+++ b/src/modules/rlm_csv/rlm_csv.c
@@ -1013,7 +1013,7 @@ static unlang_action_t CC_HINT(nonnull) mod_process(rlm_rcode_t *p_result, modul
 	 *	Expand the key to whatever it is.  For attributes,
 	 *	this usually just means copying the value box.
 	 */
-	slen = tmpl_aexpand_type(request, &key, FR_TYPE_VALUE_BOX, request, inst->key, NULL, NULL);
+	slen = tmpl_aexpand_type(request, &key, FR_TYPE_VALUE_BOX, request, inst->key);
 	if (slen < 0) {
 		DEBUG("Failed expanding key '%s'", inst->key->name);
 		RETURN_MODULE_FAIL;
diff --git a/src/modules/rlm_delay/rlm_delay.c b/src/modules/rlm_delay/rlm_delay.c
index 2b2f7db3022..679be93d1e1 100644
--- a/src/modules/rlm_delay/rlm_delay.c
+++ b/src/modules/rlm_delay/rlm_delay.c
@@ -140,10 +140,25 @@ static unlang_action_t CC_HINT(nonnull) mod_delay(rlm_rcode_t *p_result, module_
 
 	if (inst->delay) {
 		if (tmpl_aexpand_type(request, &delay, FR_TYPE_TIME_DELTA,
-				      request, inst->delay, NULL, NULL) < 0) {
+				      request, inst->delay) < 0) {
 			RPEDEBUG("Failed parsing %s as delay time", inst->delay->name);
 			RETURN_MODULE_FAIL;
 		}
+
+		/*
+		 *	Cap delays.  So that no matter what crazy
+		 *	thing the admin does, it doesn't cause an
+		 *	issue.
+		 */
+		if (fr_time_delta_cmp(delay, fr_time_delta_from_sec(0)) < 0) {
+			RWDEBUG("Delay is too small.  Limiting to 0s");
+			delay = fr_time_delta_wrap(0);
+
+		} else if (fr_time_delta_cmp(delay, fr_time_delta_from_sec(30)) > 0) {
+			RWDEBUG("Delay is too large.  Limiting to 30s");
+			delay = fr_time_delta_from_sec(30);
+		}
+
 	} else {
 		delay = fr_time_delta_wrap(0);
 	}