RADIUS: Fix some issues in print_attr_netmask6().

author Denis Ovsienko <[email protected]>

Sun, 24 Sep 2017 13:10:26 +0000 (14:10 +0100)

committer Denis Ovsienko <[email protected]>

Sun, 24 Sep 2017 13:14:38 +0000 (14:14 +0100)
author Denis Ovsienko <[email protected]>
Sun, 24 Sep 2017 13:10:26 +0000 (14:10 +0100)
committer Denis Ovsienko <[email protected]>
Sun, 24 Sep 2017 13:14:38 +0000 (14:14 +0100)
diff --git a/print-radius.c b/print-radius.c

index 1b88bb8d7917e3997f85683ae656a1e57170a71b..7e69d9d127e7efb7124c678773d5eb4ffc18de38 100644 (file)
--- a/print-radius.c
+++ b/print-radius.c
@@ -899,26 +899,29 @@ static void
  print_attr_netmask6(netdissect_options *ndo,
                      register const u_char *data, u_int length, u_short attr_code _U_)
  {
-   u_char data2[18];
+   u_char data2[16];
  
     if (length < 2 || length > 18)
     {
         ND_PRINT((ndo, "ERROR: length %u not in range (2..18)", length));
         return;
     }
-   else if (data[1] > 128)
+   ND_TCHECK2(data[0], length);
+   if (data[1] > 128)
     {
        ND_PRINT((ndo, "ERROR: netmask %u not in range (0..128)", data[1]));
        return;
     }
  
-   ND_TCHECK2(data[0], length);
     memset(data2, 0, sizeof(data2));
     if (length > 2)
        memcpy(data2, data+2, length-2);
  
     ND_PRINT((ndo, "%s/%u", ip6addr_string(ndo, data2), data[1]));
  
+   if (data[1] > 8 * (length - 2))
+      ND_PRINT((ndo, " (inconsistent prefix length)"));
+
     return;
  
     trunc:
author	Denis Ovsienko <[email protected]>
	Sun, 24 Sep 2017 13:10:26 +0000 (14:10 +0100)
committer	Denis Ovsienko <[email protected]>
	Sun, 24 Sep 2017 13:14:38 +0000 (14:14 +0100)