[Serdev] radius in ser 0.9.x
Juha Heinanen
jh at tutpro.com
Tue Jun 7 06:09:18 UTC 2005
Greger V. Teigre writes:
> I can report that we have been running 0.9.x with radiusclient 0.4.3 about
> six months on a test platform with pilot users. We have discovered
> no bugs, but I guess we have been lucky or just don't do what trigger
> the bugs?!
if you get from radius a longer than normal reply, there is at least two
places in 0.4.3 code that will crash ser. the code simply assumes that
the reply will fit into a too small buffer and overwrites it. i found
this when for some reason, some replies from radius got corrupted.
-- juha
More information about the Serdev
mailing list