rlm_expr overflow bug
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Fri Jul 25 18:27:29 CEST 2014
On 25 Jul 2014, at 11:26, Gabriel Blanchard <gabe at teksavvy.com> wrote:
> Found a bug while trying to use the acct_counters64 policy
>
> acct_counters64.preacct {
> update request {
> Acct-Input-Octets64 = "%{expr:(%{%{Acct-Input-Gigawords}:-0} *
> 4294967296) + %{%{Acct-Input-Octets}:-0}}"
> Acct-Output-Octets64 = "%{expr:(%{%{Acct-Output-Gigawords}:-0} *
> 4294967296) + %{%{Acct-Output-Octets}:-0}}"
> }
> }
>
> expr was returning 32 bit signed numbers and overflowing...it should
> return 64 bit numbers. I believe this needs to be changed in rlm_expr.c
>
> static int get_number(REQUEST *request, char const **string, int64_t
> *answer)
>
> - snprintf(out, outlen, "%ld", (long int) result);
> + snprintf(out, outlen, "%lld", (int64_t) result);
Yes, the actual xlat function itself needs to print a 64bit result. get_number is fine.
Thanks for the bug report.
Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS development team
FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20140725/0ba5ccfb/attachment.pgp>
More information about the Freeradius-Devel
mailing list