From: VANHULLEBUS Y. <va...@us...> - 2005-10-14 08:42:45
|
Update of /cvsroot/ipsec-tools/ipsec-tools/src/racoon In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv5589/src/racoon Modified Files: ipsec_doi.c Log Message: don't allow NULL or empty FQDNs or USER_FQDNs (problem reported by Bernhard Suttner) Index: ipsec_doi.c =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/src/racoon/ipsec_doi.c,v retrieving revision 1.43 retrieving revision 1.44 diff -u -d -r1.43 -r1.44 --- ipsec_doi.c 12 Jul 2005 11:34:07 -0000 1.43 +++ ipsec_doi.c 14 Oct 2005 08:42:38 -0000 1.44 @@ -3590,12 +3590,23 @@ vchar_t *new = NULL; /* simply return if value is null. */ - if (!value) + if (!value){ + if( type == IDTYPE_FQDN || type == IDTYPE_USERFQDN){ + plog(LLV_ERROR, LOCATION, NULL, + "No %s\n", type == IDTYPE_FQDN ? "fqdn":"user fqdn"); + return -1; + } return 0; + } switch (type) { case IDTYPE_FQDN: case IDTYPE_USERFQDN: + if(value->l <= 1){ + plog(LLV_ERROR, LOCATION, NULL, + "Empty %s\n", type == IDTYPE_FQDN ? "fqdn":"user fqdn"); + return -1; + } /* length is adjusted since QUOTEDSTRING teminates NULL. */ new = vmalloc(value->l - 1); if (new == NULL) |