From: Alan T. DeKok <aland@freeradius.org>
Date: Tue, 12 Oct 2021 12:51:54 +0000 (-0400)
Subject: let's add one more check
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=550e9de88f5b8dee905ad344fc1e22dd91da90c1;p=thirdparty%2Ffreeradius-server.git

let's add one more check
---

diff --git a/src/protocols/tacacs/decode.c b/src/protocols/tacacs/decode.c
index c067a8c0d58..a986ebb3071 100644
--- a/src/protocols/tacacs/decode.c
+++ b/src/protocols/tacacs/decode.c
@@ -118,6 +118,7 @@ static int tacacs_decode_args(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_attr
 		buffer[arg_list[i]] = '\0';
 
 		arg_end = buffer + arg_list[i];
+		if (arg_end > end) return -1;
 
 		for (value = buffer, name_end = NULL; value < arg_end; value++) {
 			/*