buffer overflow on mschap reject
Alan DeKok
aland at deployingradius.com
Tue Jun 12 16:20:54 CEST 2012
Matt Richards wrote:
> Hello,
>
> I have got radius setup to authenticate wireless clients using MS-CHAP
> and everything works correctly if the entered user / pass is correct.
>
> If the password is wrong, however, I get a buffer overflow error and
> radiusd dies.
You probably set the "retry_msg" to a very long string.
>> *** buffer overflow detected ***: radiusd terminated
>> ======= Backtrace: =========
Reading doc/bugs would help here.
> I can replicate this issue with radtest.
Do you have a minimal config which could help?
> Does anybody know why this might be happening? If you require any
> additional info please let me know. One thing I was thinking about
> trying it going back a few versions of ntlm_auth and tring again. Its
> interesting how I don't seem to be able to find any information relating
> to this on the Internet.
The error path here is very small. i.e. ~15 lines of code.
Running the server under "valgrind" would help, too. But first build
it with debugging symbols.
Alan DeKok.
More information about the Freeradius-Users
mailing list