From: Alan T. DeKok <aland@freeradius.org>
Date: Sun, 28 Jan 2024 14:46:22 +0000 (-0500)
Subject: just return on error on TLV decode
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3e75035a99f474b5b3d72f10667b7de2a0abe80d;p=thirdparty%2Ffreeradius-server.git

just return on error on TLV decode
---

diff --git a/src/lib/util/decode.c b/src/lib/util/decode.c
index 4b5d8d0c201..88d2bde409a 100644
--- a/src/lib/util/decode.c
+++ b/src/lib/util/decode.c
@@ -187,10 +187,17 @@ ssize_t fr_pair_tlvs_from_network(TALLOC_CTX *ctx, fr_pair_list_t *out,
 
 		slen = decode_tlv(child_ctx, list, parent, p, (end - p), decode_ctx);
 		if (slen <= 0) {
-			FR_PROTO_TRACE("    tlv decode failed at offset %zu - converting to raw", (size_t) (p - data));
+			FR_PROTO_TRACE("    tlv decode failed at offset %zu - %s", (size_t) (p - data), fr_strerror());
 			fr_pair_list_free(list);
 			talloc_free(vp);
-			return fr_pair_raw_from_network(ctx, out, parent, data, data_len);
+
+			/*
+			 *	Don't decode it as raw.  We don't know how the TLVs are structured, so the
+			 *	only da we have is the parent.  The output has to in the parent with a child
+			 *	da.  So if we create a raw attribute here, then we have the raw attribute of
+			 *	da==parent going into the parent, which is wrong.
+			 */
+			return PAIR_DECODE_FATAL_ERROR;
 		}
 
 		p += slen;