|
 |
16502d |
From af6d64cfa4f8ff64da1b5cd6cacd06ae3c095c37 Mon Sep 17 00:00:00 2001
|
|
|
16502d |
From: "Alan T. DeKok" <aland@freeradius.org>
|
|
|
16502d |
Date: Mon, 3 Jul 2017 15:37:44 -0400
|
|
|
16502d |
Subject: [PATCH] FR-GV-303 - do memchr() of end-p, not q-p
|
|
|
16502d |
|
|
|
16502d |
---
|
|
|
16502d |
src/modules/proto_dhcp/dhcp.c | 20 +++++++++-----------
|
|
|
16502d |
1 file changed, 9 insertions(+), 11 deletions(-)
|
|
|
16502d |
|
|
|
16502d |
diff --git a/src/modules/proto_dhcp/dhcp.c b/src/modules/proto_dhcp/dhcp.c
|
|
|
16502d |
index a66a931cb..dbfe81747 100644
|
|
|
16502d |
--- a/src/modules/proto_dhcp/dhcp.c
|
|
|
16502d |
+++ b/src/modules/proto_dhcp/dhcp.c
|
|
|
16502d |
@@ -774,25 +774,23 @@ static int fr_dhcp_attr2vp(TALLOC_CTX *ctx, VALUE_PAIR **vp_p, uint8_t const *da
|
|
|
16502d |
* multiple additional VPs
|
|
|
16502d |
*/
|
|
|
16502d |
fr_cursor_init(&cursor, vp_p);
|
|
|
16502d |
- for (;;) {
|
|
|
16502d |
- q = memchr(p, '\0', q - p);
|
|
|
16502d |
+ while (p < end) {
|
|
|
16502d |
+ q = memchr(p, '\0', end - p);
|
|
|
16502d |
/* Malformed but recoverable */
|
|
|
16502d |
if (!q) q = end;
|
|
|
16502d |
|
|
|
16502d |
fr_pair_value_bstrncpy(vp, (char const *)p, q - p);
|
|
|
16502d |
p = q + 1;
|
|
|
16502d |
|
|
|
16502d |
+ if (p >= end) break;
|
|
|
16502d |
+
|
|
|
16502d |
/* Need another VP for the next round */
|
|
|
16502d |
- if (p < end) {
|
|
|
16502d |
- vp = fr_pair_afrom_da(ctx, vp->da);
|
|
|
16502d |
- if (!vp) {
|
|
|
16502d |
- fr_pair_list_free(vp_p);
|
|
|
16502d |
- return -1;
|
|
|
16502d |
- }
|
|
|
16502d |
- fr_cursor_insert(&cursor, vp);
|
|
|
16502d |
- continue;
|
|
|
16502d |
+ vp = fr_pair_afrom_da(ctx, vp->da);
|
|
|
16502d |
+ if (!vp) {
|
|
|
16502d |
+ fr_pair_list_free(vp_p);
|
|
|
16502d |
+ return -1;
|
|
|
16502d |
}
|
|
|
16502d |
- break;
|
|
|
16502d |
+ fr_cursor_insert(&cursor, vp);
|
|
|
16502d |
}
|
|
|
16502d |
}
|
|
|
16502d |
break;
|
|
|
16502d |
--
|
|
|
16502d |
2.13.2
|
|
|
16502d |
|