[Serdev] radius in ser 0.9.x
Greger V. Teigre
greger at teigre.com
Tue Jun 7 07:24:08 UTC 2005
I see. We send a bunch of AVPs in the replies, no crash yet. Do you remember
the size of the message needed to overflow the buffer?
g-)
Juha Heinanen wrote:
> Greger V. Teigre writes:
>
>> I can report that we have been running 0.9.x with radiusclient 0.4.3
>> about six months on a test platform with pilot users. We have
>> discovered
>> no bugs, but I guess we have been lucky or just don't do what trigger
>> the bugs?!
>
> if you get from radius a longer than normal reply, there is at least
> two places in 0.4.3 code that will crash ser. the code simply
> assumes that the reply will fit into a too small buffer and
> overwrites it. i found this when for some reason, some replies from
> radius got corrupted.
>
> -- juha
More information about the Serdev
mailing list