[packages/freeradius.git] / freeradius-rlm_smb-overflow.patch

Fix for S-Quadra Advisory #2003-11-26
(http://www.s-quadra.com/advisories/Adv-20031126.txt)
taken from freeradius CVS - change with comment:

 RADIUS attributes can be up to ~256 bytes long.
 This is the pam_smb vulnerability from a while ago...

--- freeradius-0.9.3/src/modules/rlm_smb/smblib.c.orig	2002-08-06 18:50:33.000000000 +0200
+++ freeradius-0.9.3/src/modules/rlm_smb/smblib.c	2003-11-28 20:38:18.699957008 +0100
@@ -316,7 +316,7 @@
 
 { struct RFCNB_Pkt *pkt;
   int param_len, i, pkt_len, pass_len,a;
-  char *p, pword[128];
+  char *p, pword[256];
 
   /* First we need a packet etc ... but we need to know what protocol has  */
   /* been negotiated to figure out if we can do it and what SMB format to  */
Commit	Line	Data
041912e5 JB	1	Fix for S-Quadra Advisory #2003-11-26
	2	(http://www.s-quadra.com/advisories/Adv-20031126.txt)
	3	taken from freeradius CVS - change with comment:
	4
	5	RADIUS attributes can be up to ~256 bytes long.
	6	This is the pam_smb vulnerability from a while ago...
	7
	8	--- freeradius-0.9.3/src/modules/rlm_smb/smblib.c.orig 2002-08-06 18:50:33.000000000 +0200
	9	+++ freeradius-0.9.3/src/modules/rlm_smb/smblib.c 2003-11-28 20:38:18.699957008 +0100
	10	@@ -316,7 +316,7 @@
	11
	12	{ struct RFCNB_Pkt *pkt;
	13	int param_len, i, pkt_len, pass_len,a;
	14	- char *p, pword[128];
	15	+ char *p, pword[256];
	16
	17	/* First we need a packet etc ... but we need to know what protocol has */
	18	/* been negotiated to figure out if we can do it and what SMB format to */