From: Alan T. DeKok <aland@freeradius.org>
Date: Wed, 3 Feb 2016 15:28:52 +0000 (-0500)
Subject: Check data before using it
X-Git-Tag: release_3_0_12~250
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9f155fa53b698a20b15cc6d96db430c65da5fd5d;p=thirdparty%2Ffreeradius-server.git

Check data before using it
---

diff --git a/src/modules/rlm_mschap/rlm_mschap.c b/src/modules/rlm_mschap/rlm_mschap.c
index d65cf6354d4..430cd7aabbd 100644
--- a/src/modules/rlm_mschap/rlm_mschap.c
+++ b/src/modules/rlm_mschap/rlm_mschap.c
@@ -1709,6 +1709,11 @@ static rlm_rcode_t CC_HINT(nonnull) mod_authenticate(void *instance, REQUEST *re
 				if (nt_enc->da->attr != PW_MSCHAP_NT_ENC_PW)
 					continue;
 
+				if (nt_enc->vp_length < 4) {
+					REDEBUG("MS-CHAP-NT-Enc-PW with invalid format");
+					return RLM_MODULE_INVALID;
+				}
+
 				if (nt_enc->vp_octets[0] != 6) {
 					REDEBUG("MS-CHAP-NT-Enc-PW with invalid format");
 					return RLM_MODULE_INVALID;