radius_xlat chops embedded NULs in cisco-av-pair
Kiril
kyrmail at gmail.com
Mon Mar 31 08:00:43 CEST 2014
Hi,
there is a problem under freeradius 2.1.12 when incoming radius packet
has embedded NUL bytes in the middle of the string attribute
cisco-av-pair
in debug packet output it is printed as Cisco-AVPair =
"release-source=\000\000\000\002"
but when we use %{Cisco-AVPair[*]} in sql accounting query it is
expanded as "release-source="
in previous version 1.x the bahaviour was different - xlat-ed string
in query was shown as in debug output
according to RFC 2869 section 5 it is said:
"Servers and servers and clients MUST be able to deal with embedded
nulls. RADIUS implementers using C are cautioned not to use strcpy()
when handling strings."
and radius_xlat function uses strlcpy(out, vp->vp_strvalue, outlen) in
vp_prints_value, so not the full string vp->vp_strvalue is copied
what should be done in this case: fix the radius source, or fix the NAS?
More information about the Freeradius-Users
mailing list