summaryrefslogtreecommitdiff
path: root/net/freeradius2/patches/patch-src_modules_rlm__pap_rlm__pap.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/freeradius2/patches/patch-src_modules_rlm__pap_rlm__pap.c')
-rw-r--r--net/freeradius2/patches/patch-src_modules_rlm__pap_rlm__pap.c26
1 files changed, 0 insertions, 26 deletions
diff --git a/net/freeradius2/patches/patch-src_modules_rlm__pap_rlm__pap.c b/net/freeradius2/patches/patch-src_modules_rlm__pap_rlm__pap.c
deleted file mode 100644
index e464afa9f3a..00000000000
--- a/net/freeradius2/patches/patch-src_modules_rlm__pap_rlm__pap.c
+++ /dev/null
@@ -1,26 +0,0 @@
-$NetBSD: patch-src_modules_rlm__pap_rlm__pap.c,v 1.1 2014/04/27 12:10:55 he Exp $
-
-Increase buffer size, and use output buffer size as limit for hex2bin.
-Should fix CVE-2014-2015, patch from
-https://github.com/FreeRADIUS/freeradius-server/commit/0d606cfc29a
-
---- src/modules/rlm_pap/rlm_pap.c.orig 2012-09-10 11:51:34.000000000 +0000
-+++ src/modules/rlm_pap/rlm_pap.c
-@@ -245,7 +245,7 @@ static int base64_decode (const char *sr
- static void normify(REQUEST *request, VALUE_PAIR *vp, size_t min_length)
- {
- size_t decoded;
-- uint8_t buffer[64];
-+ uint8_t buffer[256];
-
- if (min_length >= sizeof(buffer)) return; /* paranoia */
-
-@@ -253,7 +253,7 @@ static void normify(REQUEST *request, VA
- * Hex encoding.
- */
- if (vp->length >= (2 * min_length)) {
-- decoded = fr_hex2bin(vp->vp_strvalue, buffer, vp->length >> 1);
-+ decoded = fr_hex2bin(vp->vp_strvalue, buffer, sizeof(buffer));
- if (decoded == (vp->length >> 1)) {
- RDEBUG2("Normalizing %s from hex encoding", vp->name);
- memcpy(vp->vp_octets, buffer, decoded);
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-08 04:14:56 +0000