tcpdump mailing list archives
Re: CVS radius code seems flawed
From: Guy Harris <guy () alum mit edu>
Date: Fri, 23 Jan 2004 01:37:42 -0800
On Thu, Jan 22, 2004 at 11:21:33PM +0100, Jonathan Heusser wrote:
Function print_vendor_attr(): * At print-radius.c:509, the while() loop does not check the data pointer for termination.
...
tok2str(oui_values,"Unknown",vendor_id), vendor_id); - while (length >= 2) { + while (length >= 2 && *data) { vendor_type = *(data); vendor_length = *(data+1); data+=2;
"Termination" in what sense? RFC 2865 says String The String field is one or more octets. The actual format of the information is site or application specific, and a robust implementation SHOULD support the field as undistinguished octets. The codification of the range of allowed usage of this field is outside the scope of this specification. It SHOULD be encoded as a sequence of vendor type / vendor length / value fields, as follows. The Attribute-Specific field is dependent on the vendor's definition of that attribute. An example encoding of the Vendor-Specific attribute using this method follows: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | Vendor-Id +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Vendor-Id (cont) | Vendor type | Vendor length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Attribute-Specific... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+- Multiple subattributes MAY be encoded within a single Vendor- Specific attribute, although they do not have to be. Is there something that indicates that a vendor type value of 0 terminates the sequence? - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
Current thread:
- CVS radius code seems flawed Jonathan Heusser (Jan 22)
- Re: CVS radius code seems flawed Guy Harris (Jan 23)
- Re: CVS radius code seems flawed Jonathan Heusser (Jan 23)
- Message not available
- Message not available
- Re: CVS radius code seems flawed Hannes Gredler (Jan 25)
- Re: CVS radius code seems flawed Jonathan Heusser (Jan 25)
- Re: CVS radius code seems flawed Jonathan Heusser (Jan 23)
- Re: CVS radius code seems flawed Guy Harris (Jan 23)