rlm_expr overflow bug

Arran Cudbard-Bell a.cudbardb at freeradius.org
Fri Jul 25 18:27:29 CEST 2014


On 25 Jul 2014, at 11:26, Gabriel Blanchard <gabe at teksavvy.com> wrote:

> Found a bug while trying to use the acct_counters64 policy
> 
> acct_counters64.preacct {
> 	update request {
> 		Acct-Input-Octets64 = "%{expr:(%{%{Acct-Input-Gigawords}:-0} *
> 4294967296) + %{%{Acct-Input-Octets}:-0}}"
> 		Acct-Output-Octets64 = "%{expr:(%{%{Acct-Output-Gigawords}:-0} *
> 4294967296) + %{%{Acct-Output-Octets}:-0}}"
> 	}
> }
> 
> expr was returning 32 bit signed numbers and overflowing...it should
> return 64 bit numbers. I believe this needs to be changed in rlm_expr.c
> 
> static int get_number(REQUEST *request, char const **string, int64_t
> *answer)
> 
> -       snprintf(out, outlen, "%ld", (long int) result);
> +       snprintf(out, outlen, "%lld", (int64_t) result);

Yes, the actual xlat function itself needs to print a 64bit result. get_number is fine.

Thanks for the bug report.

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS development team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20140725/0ba5ccfb/attachment.pgp>


More information about the Freeradius-Devel mailing list