diff options
author | Linus Nordberg <linus@nordu.net> | 2017-07-30 22:21:59 +0200 |
---|---|---|
committer | Linus Nordberg <linus@nordu.net> | 2017-08-01 18:19:13 +0200 |
commit | 65094f8683f95b3fd47172166fe084a8dccdc4ff (patch) | |
tree | 94cdf55611c812489897c1b4e072d59a5fc8b535 | |
parent | 1e695906e679d6a4be772ea67ce8164da665ec12 (diff) |
Don't risk calling _validauth() with sec == NULL.
buf2radmsg() is never called with rqauth != NULL and secret == NULL
but let's protect against future callers.
coverity: 1449519
-rw-r--r-- | radmsg.c | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -273,7 +273,7 @@ struct radmsg *buf2radmsg(uint8_t *buf, uint8_t *secret, uint8_t *rqauth) { } } - if (rqauth && !_validauth(buf, rqauth, secret)) { + if (rqauth && secret && !_validauth(buf, rqauth, secret)) { debug(DBG_WARN, "buf2radmsg: Invalid auth, ignoring reply"); return NULL; } |