List:       freeradius-devel
Subject:    PATCH:  pam_radius_auth padding error
From:       Kevin Babcock <kevin () safeweb ! com>
Date:       2003-02-27 17:45:48
Hi,

Sandeep Sardesai of Citadel Securix Ltd. discovered a problem in the
padding of the password attribute sent by pam_radius.  I investigated and
discovered that some garbage memory was being copied into the password
area which should have been null-padded.

I have attached a patch.

-Kevin



["pam_radius-1.3.15.bad_padding.patch" (TEXT/PLAIN)]

diff -u pam_radius-1.3.15.orig/pam_radius_auth.c pam_radius-1.3.15/pam_radius_auth.c
--- pam_radius-1.3.15.orig/pam_radius_auth.c	Tue Dec 17 10:42:27 2002
+++ pam_radius-1.3.15/pam_radius_auth.c	Tue Dec 17 10:43:19 2002
@@ -485,7 +485,7 @@
   }                             /* 16*N maps to itself */
 
   memset(hashed, '\0', length);
-  memcpy(hashed, password, length);
+  memcpy(hashed, password, strlen(password));
 
   attr = find_attribute(request, PW_PASSWORD);
 

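Review bot: In the `+` line, `memcpy(hashed, password, strlen(password));` the copy size is no longer the `length` that the preceding `memset(hashed, '\0', length)` zeroed, and nothing visible in this hunk bounds `strlen(password)` by `length` or by the size of `hashed`. If the code above ever caps `length` (for an over-long password), this memcpy writes past the zeroed region. Suggest computing the password length once, clamping it to `length`, and copying that many bytes, so the read stops at the terminating NUL and the write stays inside the padded area.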
["pam_radius-1.3.15.bad_padding.patch.asc" (TEXT/plain)]


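The padding problem described in the message, shown as an added example that is not part of the original post or of pam_radius_auth.c. The names `AUTH_PASS_LEN`, `MAXPASS`, `padded_len`, `pad_overcopy`, `pad_bounded` and `dirty_padding` are assumptions, and the sample buffer is constructed so that the stale bytes sit inside the same array and the over-copy stays in bounds.

```c
#include <stdio.h>
#include <string.h>
#define AUTH_PASS_LEN 16  /* assumed name: User-Password block size */
#define MAXPASS 128       /* assumed name: RFC 2865 limit on the attribute */

/* Round n up to a multiple of 16, capped at MAXPASS; empty input takes one block. */
static size_t padded_len(size_t n)
{
    if (n > MAXPASS) n = MAXPASS;
    if (n == 0) return AUTH_PASS_LEN;
    return (n + AUTH_PASS_LEN - 1) & ~(size_t)(AUTH_PASS_LEN - 1);
}

/* Copy described in the report: reads `length` bytes, so bytes after the NUL reach the padding. */
size_t pad_overcopy(unsigned char *out, const char *password)
{
    size_t length = padded_len(strlen(password));
    memset(out, 0, length);
    memcpy(out, password, length);
    return length;
}

/* Bounded copy: at most strlen(password) bytes, never more than length. */
size_t pad_bounded(unsigned char *out, const char *password)
{
    size_t n = strlen(password), length = padded_len(n);
    if (n > length) n = length;   /* over-long input is truncated */
    memset(out, 0, length);
    memcpy(out, password, n);
    return length;
}

/* Number of non-zero bytes in out[used..length), i.e. dirty padding. */
size_t dirty_padding(const unsigned char *out, size_t used, size_t length)
{
    size_t i, dirty = 0;
    for (i = used; i < length; i++) dirty += (out[i] != 0);
    return dirty;
}
/* Constructed sample: "secret" followed by stale bytes in the same buffer. */
static const char sample[32] = "secret\0LEFTOVER!";

int main(void)
{
    unsigned char a[MAXPASS], b[MAXPASS];
    size_t la = pad_overcopy(a, sample), lb = pad_bounded(b, sample);
    printf("dirty padding: overcopy=%zu bounded=%zu\n", dirty_padding(a, 6, la), dirty_padding(b, 6, lb));
    return 0;
}
```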