X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/2a579c6b18e16138a1296e6942c84cde163d0717..f72fe0d0de6eb91663b005b7d061ecebb555d667:/print-radius.c diff --git a/print-radius.c b/print-radius.c index 26da4832..a9b815f1 100644 --- a/print-radius.c +++ b/print-radius.c @@ -1,3 +1,24 @@ +/* + * Copyright (C) 2000 Alfredo Andres Omella. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * 3. The names of the authors may not be used to endorse or promote + * products derived from this software without specific prior + * written permission. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. + */ /* * Radius printer routines as specified on: * @@ -23,7 +44,7 @@ #ifndef lint static const char rcsid[] = - "$Id: print-radius.c,v 1.6 2001-03-19 03:58:11 guy Exp $"; + "$Id: print-radius.c,v 1.11 2002-04-20 09:40:42 guy Exp $"; #endif #ifdef HAVE_CONFIG_H @@ -38,6 +59,10 @@ static const char rcsid[] = #include +#ifdef TIME_WITH_SYS_TIME +#include +#endif + #include "interface.h" #include "addrtoname.h" #include "extract.h" @@ -117,6 +142,7 @@ struct radius_hdr { u_int8_t code; /* Radius packet code */ u_int8_t auth[16]; /* Authenticator */ }; +#define MIN_RADIUS_LEN 20 struct radius_attr { u_int8_t type; /* Attribute type */ u_int8_t len; /* Attribute length */ @@ -497,7 +523,6 @@ print_attr_num(register u_char *data, u_int length, u_short attr_code ) } else { - data++; data_value = EXTRACT_32BITS(data); } if ( data_value <= (attr_type[attr_code].siz_subtypes - 1 + @@ -640,7 +665,7 @@ static void print_attr_time(register u_char *data, u_int length, u_short attr_co TCHECK2(data[0],4); attr_time = EXTRACT_32BITS(data); - strcpy(string, ctime(&attr_time)); + strlcpy(string, ctime(&attr_time), sizeof(string)); /* Get rid of the newline */ string[24] = '\0'; printf("{%.24s}", string); @@ -732,7 +757,7 @@ static void print_attr_strange(register u_char *data, u_int length, u_short attr static void -radius_attr_print(register u_char *attr, u_int length) +radius_attr_print(register const u_char *attr, u_int length) { register const struct radius_attr *rad_attr = (struct radius_attr *)attr; @@ -745,6 +770,11 @@ radius_attr_print(register u_char *attr, u_int length) printf(" Attr[ "); while (length > 0) { + if (rad_attr->len == 0) + { + printf("(zero-length attribute)"); + return; + } if ( rad_attr->len <= length ) { if ( !rad_attr->type || (rad_attr->type > (TAM_SIZE(attr_type)-1)) ) @@ -780,17 +810,30 @@ radius_print(const u_char *dat, u_int length) { register const struct radius_hdr *rad; register int i; + int len; - i = min(length, snapend - dat) - sizeof(*rad); + i = min(length, snapend - dat); - if (i < 0) + if (i < MIN_RADIUS_LEN) { printf(" [|radius]"); return; } rad = (struct radius_hdr *)dat; - + len = ntohs(rad->len); + + if (len < MIN_RADIUS_LEN) + { + printf(" [|radius]"); + return; + } + + if (len < i) + i = len; + + i -= MIN_RADIUS_LEN; + switch (rad->code) { case RADCMD_ACCESS_REQ: @@ -836,5 +879,5 @@ radius_print(const u_char *dat, u_int length) printf(" [id %d]", rad->id); if (i) - radius_attr_print( ((u_char *)(rad+1)), i); + radius_attr_print( dat + MIN_RADIUS_LEN, i); }