]> git.ozlabs.org Git - ppp.git/commitdiff
projects / ppp.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b94b7fb)
pppd: Fix a stack variable overflow in MSCHAP-v2
authorJohn Crispin <blogic@openwrt.org>
Fri, 1 Aug 2014 08:12:36 +0000 (18:12 +1000)
committerPaul Mackerras <paulus@samba.org>
Fri, 1 Aug 2014 11:36:57 +0000 (21:36 +1000)
This fixes a bug introduced in 08ef47ca ("pppd: Make MSCHAP-v2 cope
better with packet loss").

Signed-off-by: Paul Mackerras <paulus@samba.org>
pppd/chap_ms.c patch | blob | history

diff --git a/pppd/chap_ms.c b/pppd/chap_ms.c
index 016b42e0c10ee9a845a3e96ad8aa55dcb2b0464c..c2bd00f9c6f7ec0e3e3a5dd6b00c4153b6c41d25 100644 (file)
--- a/pppd/chap_ms.c
+++ b/pppd/chap_ms.c
@@ -382,7 +382,7 @@ chapms2_make_response(unsigned char *response, int id, char *our_name,
                      unsigned char *private)
 {
        const struct chapms2_response_cache_entry *cache_entry;
-       unsigned char auth_response[MS_AUTH_RESPONSE_LENGTH];
+       unsigned char auth_response[MS_AUTH_RESPONSE_LENGTH+1];
 
        challenge++;    /* skip length, should be 16 */
        *response++ = MS_CHAP2_RESPONSE_LEN;
PPP (Point-to-Point Protocol) implementation for Linux and Solaris