From: Alan T. DeKok <aland@freeradius.org>
Date: Thu, 6 Sep 2012 09:25:45 +0000 (+0200)
Subject: Double-check that we don't over-run the buffer
X-Git-Tag: release_2_2_0~14
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c511a7e845c94f317fe23c69bad4284e601d474c;p=thirdparty%2Ffreeradius-server.git

Double-check that we don't over-run the buffer
---

diff --git a/src/lib/vqp.c b/src/lib/vqp.c
index 6a8dd1cec23..1250c4efd67 100644
--- a/src/lib/vqp.c
+++ b/src/lib/vqp.c
@@ -651,6 +651,8 @@ int vqp_encode(RADIUS_PACKET *packet, RADIUS_PACKET *original)
 	 */
 	for (i = 0; i < VQP_MAX_ATTRIBUTES; i++) {
 		if (!vps[i]) break;
+		if ((ptr - packet->data) >= packet->data_len) break;
+
 		vp = vps[i];
 
 		debug_pair(vp);