Re: radius_xlat chops embedded NULs in cisco-av-pair
The string (RFC type 'text') should be escaped before being added to the concatenation buffer. I'll take a look and see if it's fixed in later versions.
maybe the entire attribute value data is copied but when sql_escape_func from rlm_sql module is called it stops on the first NUL byte in it, so maybe the escaping fails?
On 31 Mar 2014, at 13:08, Kiril <kyrmail@gmail.com> wrote:
The string (RFC type 'text') should be escaped before being added to the concatenation buffer. I'll take a look and see if it's fixed in later versions.
maybe the entire attribute value data is copied but when sql_escape_func from rlm_sql module is called it stops on the first NUL byte in it, so maybe the escaping fails?
Any output of an xlat function should be fully escaped, such that unprintables appear and a backslash prefixed octal number. Other parts of the code which assume that'd been done will stop on embedded NULLs. Arran Cudbard-Bell <a.cudbardb@freeradius.org> FreeRADIUS Development Team FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
participants (2)
-
Arran Cudbard-Bell -
Kiril