[Serdev] radius in ser 0.9.x

Greger V. Teigre greger at teigre.com
Tue Jun 7 07:24:08 UTC 2005


I see. We send a bunch of AVPs in the replies, no crash yet. Do you remember 
the size of the message needed to overflow the buffer?
g-)
Juha Heinanen wrote:
> Greger V. Teigre writes:
>
>> I can report that we have been running 0.9.x with radiusclient 0.4.3
>> about six months on a test platform with pilot users.  We have
>> discovered no bugs, but I guess we have been lucky or just don't do
>> what triggers the bugs?!
>
> if you get from radius a longer than normal reply, there are at least
> two places in 0.4.3 code that will crash ser.  the code simply
> assumes that the reply will fit into a too small buffer and
> overwrites it.  i found this when for some reason, some replies from
> radius got corrupted.
>
> -- juha 
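
The failure mode described in the quoted message (a longer-than-expected or corrupted RADIUS reply copied into a fixed buffer) is avoided by checking every length field before copying. The following is an added example, not code from radiusclient or ser: the function `rad_get_attr`, its return codes and the sample packet are constructed for illustration, and the packet layout assumed is the one in RFC 2865.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RAD_HDR_LEN 20  /* code, id, 2-byte length, 16-byte authenticator */

/* Constructed sample: Access-Accept, id 1, length 27, Reply-Message "hello". */
static const uint8_t sample_reply[] = {
    2, 1, 0, 27,
    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
    18, 7, 'h', 'e', 'l', 'l', 'o'
};

/* Copy the value of the first attribute of type `want` into out[0..outsz).
 * Returns the value length, -1 for a malformed packet, -2 if the value does
 * not fit in `out`, -3 if the attribute is absent. Never writes past `out`. */
int rad_get_attr(const uint8_t *pkt, size_t recvd, uint8_t want,
                 uint8_t *out, size_t outsz)
{
    if (recvd < RAD_HDR_LEN) return -1;
    size_t plen = ((size_t)pkt[2] << 8) | pkt[3];
    /* The length field is sender-controlled: it must not exceed what arrived. */
    if (plen < RAD_HDR_LEN || plen > recvd) return -1;

    size_t off = RAD_HDR_LEN;
    while (off < plen) {
        if (plen - off < 2) return -1;          /* no room for type+length */
        uint8_t type = pkt[off];
        size_t alen = pkt[off + 1];             /* includes the 2 header bytes */
        if (alen < 2 || alen > plen - off) return -1;
        size_t vlen = alen - 2;
        if (type == want) {
            if (vlen > outsz) return -2;        /* refuse instead of overflowing */
            memcpy(out, pkt + off + 2, vlen);
            return (int)vlen;
        }
        off += alen;
    }
    return -3;
}

int main(void)
{
    uint8_t small[4];   /* deliberately smaller than the 5-byte value */
    printf("%d\n", rad_get_attr(sample_reply, sizeof sample_reply, 18,
                                small, sizeof small));   /* prints -2 */
    return 0;
}
```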



