From: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Date: Wed, 26 Oct 2011 09:44:35 +0000 (+0200)
Subject: Check for possible value truncation when calling vp_prints_value
X-Git-Tag: release_3_0_0_beta0~543
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=87fcfb30667b8fda0790072395673241c52f258e;p=thirdparty%2Ffreeradius-server.git

Check for possible value truncation when calling vp_prints_value

This should be fixed in future by performing the checks in vp_prints_value
---

diff --git a/src/lib/print.c b/src/lib/print.c
index a0d4498484c..0bc5c592aaa 100644
--- a/src/lib/print.c
+++ b/src/lib/print.c
@@ -432,7 +432,10 @@ int vp_prints_value_json(char *buffer, size_t bufsize, const VALUE_PAIR *vp)
 			break;
 
 		default:
-			p += vp_prints_value(p, bufsize, vp, 0);
+			s = vp_prints_value(p, bufsize, vp, 0);
+			if ((unsigned) s == (bufsize - 1)) return -1;
+			
+			p += s;
 			break;
 	}