sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-04 00:00:14 -04:00
Code Issues Projects Releases Wiki Activity

eap-mschapv2: Fix compile warning/error when compiled with -Warray-bounds

Browse Source 
Since the allocated data was smaller than sizeof(eap_mschapv2_header_t),
the following compile error was triggered (with newer GCC versions):

eap_mschapv2.c: In function 'process_peer_success':
eap_mschapv2.c:945:12: error: array subscript 'eap_mschapv2_header_t[0]' is partly outside array bounds of 'unsigned char[6]' [-Werror=array-bounds]
  945 |         eap->code = EAP_RESPONSE;
      |            ^~
In file included from /usr/include/stdlib.h:587,
                 from ../../../../src/libstrongswan/utils/printf_hook/printf_hook.h:26,
                 from ../../../../src/libstrongswan/library.h:101,
                 from ../../../../src/libcharon/sa/eap/eap_method.h:28,
                 from eap_mschapv2.h:27,
                 from eap_mschapv2.c:18:
eap_mschapv2.c:944:15: note: object of size 6 allocated by '__builtin_alloca'
  944 |         eap = alloca(len);
      |               ^~~~~~

Closes strongswan/strongswan#1188
Closes strongswan/strongswan#1215
This commit is contained in:
Tobias Brunner 2022-08-15 14:34:34 +02:00
parent bcedd65a31
commit 47fd5ab6b5
1 changed files with 5 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
View File

@ -239,8 +239,8 @@ struct eap_mschapv2_response_t
#define HEADER_LEN (sizeof(eap_mschapv2_header_t))
/**
* Length of the header for MS-CHAPv2 success/failure packets (does not include
* MS-CHAPv2-ID and MS-Length, i.e. 3 octets)
* Length of the header as used for MS-CHAPv2 success packets (does
* not include MS-CHAPv2-ID, MS-Length or any data, i.e. 3 octets)
*/
#define SHORT_HEADER_LEN (HEADER_LEN - 3)
@ -883,7 +883,6 @@ static status_t process_peer_success(private_eap_mschapv2_t *this,
chunk_t data, auth_string = chunk_empty;
char *message, *token, *msg = NULL;
int message_len;
uint16_t len = SHORT_HEADER_LEN;
data = in->get_data(in);
eap = (eap_mschapv2_header_t*)data.ptr;
@ -941,14 +940,14 @@ static status_t process_peer_success(private_eap_mschapv2_t *this,
DBG1(DBG_IKE, "EAP-MS-CHAPv2 succeeded: '%s'", sanitize(msg));
eap = alloca(len);
eap = alloca(HEADER_LEN);
eap->code = EAP_RESPONSE;
eap->identifier = this->identifier;
eap->length = htons(len);
eap->length = htons(SHORT_HEADER_LEN);
eap->type = EAP_MSCHAPV2;
eap->opcode = MSCHAPV2_SUCCESS;
*out = eap_payload_create_data(chunk_create((void*) eap, len));
*out = eap_payload_create_data(chunk_create((void*)eap, SHORT_HEADER_LEN));
status = NEED_MORE;
this->state = S_DONE;