From: Alan T. DeKok <aland@freeradius.org>
Date: Mon, 13 Feb 2023 12:40:50 +0000 (-0500)
Subject: check size of header
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cf07c72007c801dd7e1a6e86b73f2708b7fb6adc;p=thirdparty%2Ffreeradius-server.git

check size of header
---

diff --git a/src/protocols/tacacs/decode.c b/src/protocols/tacacs/decode.c
index 3c53d9e30f6..2a10ecbb5c0 100644
--- a/src/protocols/tacacs/decode.c
+++ b/src/protocols/tacacs/decode.c
@@ -127,7 +127,7 @@ int fr_tacacs_packet_to_code(fr_tacacs_packet_t const *pkt)
 #define PACKET_HEADER_CHECK(_msg, _hdr) do { \
 	p = (uint8_t const *) &(_hdr); \
 	data_len = sizeof(_hdr); \
-	if (p > end) { \
+	if ((p + sizeof(_hdr)) > end) { \
 		fr_strerror_printf("Header for %s is too small (%zu < %zu)", _msg, end - (uint8_t const *) pkt, p - (uint8_t const *) pkt); \
 		goto fail; \
 	} \