From: Nikolai Kondrashov Date: Tue, 3 Feb 2015 11:10:52 +0000 (+0100) Subject: log: Check message buffer length to avoid overflow X-Git-Tag: release_2_2_7~22^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F897%2Fhead;p=thirdparty%2Ffreeradius-server.git log: Check message buffer length to avoid overflow Check that adding strlcpy result to the message length didn't exceed size of the message buffer to avoid underflow in calculating remaining size and overflowing the buffer. --- diff --git a/src/main/log.c b/src/main/log.c index 7470897df6..16d3fafd7f 100644 --- a/src/main/log.c +++ b/src/main/log.c @@ -311,6 +311,8 @@ void radlog_request(int lvl, int priority, REQUEST *request, const char *msg, .. if (len < sizeof(buffer)) { len += strlcpy(buffer + len, fr_int2str(levels, (lvl & ~L_CONS), ": "), sizeof(buffer) - len); + if (len >= sizeof(buffer)) + len = sizeof(buffer) - 1; } }