+ secretlen = strlen (secret);
+
+ /* Do sanity checks on packet length */
+ if ((totallen < 20) || (totallen > 4096))
+ {
+ rc_log(LOG_ERR, "rc_check_reply: received RADIUS server response with invalid length");
+ return (BADRESP_RC);
+ }
+
+ /* Verify buffer space, should never trigger with current buffer size and check above */
+ if ((totallen + secretlen) > bufferlen)
+ {
+ rc_log(LOG_ERR, "rc_check_reply: not enough buffer space to verify RADIUS server response");
+ return (BADRESP_RC);
+ }