From: Alan T. DeKok <aland@freeradius.org>
Date: Sat, 8 Mar 2025 17:46:16 +0000 (-0500)
Subject: limit what types can be copied and escaped
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b0c167be57348a8b93f9cf7e40a8ff0356b69103;p=thirdparty%2Ffreeradius-server.git

limit what types can be copied and escaped
---

diff --git a/src/lib/util/value.c b/src/lib/util/value.c
index ff4f46a2b7..9461ebd413 100644
--- a/src/lib/util/value.c
+++ b/src/lib/util/value.c
@@ -3815,6 +3815,16 @@ int fr_value_box_copy(TALLOC_CTX *ctx, fr_value_box_t *dst, const fr_value_box_t
 		}
 	}
 		break;
+
+	case FR_TYPE_TLV:
+	case FR_TYPE_STRUCT:
+	case FR_TYPE_VSA:
+	case FR_TYPE_VENDOR:
+	case FR_TYPE_VALUE_BOX:
+	case FR_TYPE_VOID:
+	case FR_TYPE_MAX:
+		fr_strerror_printf("Cannot copy data type '%s'", fr_type_to_str(src->type));
+		return -1;
 	}
 
 	return 0;
@@ -5997,6 +6007,17 @@ int fr_value_box_escape_in_place(fr_value_box_t *vb, fr_value_box_escape_t escap
 	case FR_TYPE_GROUP:
 		return fr_value_box_list_escape_in_place(&vb->vb_group, escape, safe_for, uctx);
 
+	case FR_TYPE_NULL:
+	case FR_TYPE_TLV:
+	case FR_TYPE_STRUCT:
+	case FR_TYPE_VSA:
+	case FR_TYPE_VENDOR:
+	case FR_TYPE_VALUE_BOX:
+	case FR_TYPE_VOID:
+	case FR_TYPE_MAX:
+		fr_strerror_printf("Cannot escape data type '%s'", fr_type_to_str(vb->type));
+		return -1;
+
 	default:
 		break;
 	}