From: Alan T. DeKok <aland@freeradius.org>
Date: Fri, 15 May 2015 14:02:54 +0000 (-0400)
Subject: Shorten passwords from the end.  Fixes #1013
X-Git-Tag: release_3_0_9~356
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9a5a28dbf654722544392467913182f9d68201f2;p=thirdparty%2Ffreeradius-server.git

Shorten passwords from the end.  Fixes #1013
---

diff --git a/src/lib/radius.c b/src/lib/radius.c
index 4092019ebbd..045143da520 100644
--- a/src/lib/radius.c
+++ b/src/lib/radius.c
@@ -3450,7 +3450,18 @@ ssize_t data2vp(TALLOC_CTX *ctx,
 					     packet->vector);
 			}
 			buffer[253] = '\0';
-			datalen = strlen((char *) buffer);
+
+			/*
+			 *	Take off trailing zeros from the END.
+			 *	This allows passwords to have zeros in
+			 *	the middle of a field.
+			 *
+			 *	However, if the password has a zero at
+			 *	the end, it will get mashed by this
+			 *	code.  There's really no way around
+			 *	that.
+			 */
+			while ((datalen > 0) && (buffer[datalen - 1] == '\0')) datalen--;
 			break;
 
 		/*