summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLinus Nordberg <linus@nordu.net>2017-07-30 22:21:59 +0200
committerLinus Nordberg <linus@nordu.net>2017-08-01 18:25:36 +0200
commit3a5d0a04da17b2f7aeda9a41a36c8ec3597d20d6 (patch)
tree6cf1a03448ee2a57bcd79727a95ef52efedf871b
parent633e4b83029f4cf213c986404e28ecbd9cd8d26d (diff)
Don't risk calling _validauth() with sec == NULL.
buf2radmsg() is never called with rqauth != NULL and secret == NULL but let's protect against future callers. coverity: 1449519
-rw-r--r--radmsg.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/radmsg.c b/radmsg.c
index 7f6dd9d..7ff094b 100644
--- a/radmsg.c
+++ b/radmsg.c
@@ -308,7 +308,7 @@ struct radmsg *buf2radmsg(uint8_t *buf, uint8_t *secret, uint8_t *rqauth) {
}
}
- if (rqauth && !_validauth(buf, rqauth, secret)) {
+ if (rqauth && secret && !_validauth(buf, rqauth, secret)) {
debug(DBG_WARN, "buf2radmsg: Invalid auth, ignoring reply");
return NULL;
}