diff options
Diffstat (limited to 'src/Cedar')
| -rw-r--r-- | src/Cedar/Cedar.h | 16 | ||||
| -rw-r--r-- | src/Cedar/IPsec_L2TP.c | 6 | ||||
| -rw-r--r-- | src/Cedar/IPsec_PPP.c | 4 | ||||
| -rw-r--r-- | src/Cedar/Interop_OpenVPN.c | 2 | ||||
| -rw-r--r-- | src/Cedar/Radius.c | 7 | ||||
| -rw-r--r-- | src/Cedar/Virtual.c | 1 |
6 files changed, 25 insertions, 11 deletions
diff --git a/src/Cedar/Cedar.h b/src/Cedar/Cedar.h index 558380f9..083770c4 100644 --- a/src/Cedar/Cedar.h +++ b/src/Cedar/Cedar.h @@ -135,10 +135,10 @@ // Version number
-#define CEDAR_VER 424
+#define CEDAR_VER 425
// Build Number
-#define CEDAR_BUILD 9652
+#define CEDAR_BUILD 9656
// Beta number
//#define BETA_NUMBER 3
@@ -157,12 +157,12 @@ #endif // BUILD_PLACE
// Specifies the build date
-#define BUILD_DATE_Y 2017
-#define BUILD_DATE_M 12
-#define BUILD_DATE_D 21
-#define BUILD_DATE_HO 10
-#define BUILD_DATE_MI 34
-#define BUILD_DATE_SE 43
+#define BUILD_DATE_Y 2018
+#define BUILD_DATE_M 1
+#define BUILD_DATE_D 15
+#define BUILD_DATE_HO 9
+#define BUILD_DATE_MI 33
+#define BUILD_DATE_SE 22
// Tolerable time difference
#define ALLOW_TIMESTAMP_DIFF (UINT64)(3 * 24 * 60 * 60 * 1000)
diff --git a/src/Cedar/IPsec_L2TP.c b/src/Cedar/IPsec_L2TP.c index 79860153..e036e1a5 100644 --- a/src/Cedar/IPsec_L2TP.c +++ b/src/Cedar/IPsec_L2TP.c @@ -792,6 +792,12 @@ L2TP_PACKET *ParseL2TPPacket(UDPPACKET *p) size -= 2;
a.DataSize = a.Length - 6;
+
+ if (a.DataSize > size)
+ {
+ goto LABEL_ERROR;
+ }
+
a.Data = Clone(buf, a.DataSize);
buf += a.DataSize;
diff --git a/src/Cedar/IPsec_PPP.c b/src/Cedar/IPsec_PPP.c index e34f3d84..10a07e7a 100644 --- a/src/Cedar/IPsec_PPP.c +++ b/src/Cedar/IPsec_PPP.c @@ -291,7 +291,7 @@ void PPPThread(THREAD *thread, void *param) ReadBuf(b, client_response_buffer, 49);
Zero(username_tmp, sizeof(username_tmp));
- ReadBuf(b, username_tmp, sizeof(username_tmp));
+ ReadBuf(b, username_tmp, sizeof(username_tmp) - 1);
Debug("First MS-CHAPv2: id=%s\n", username_tmp);
@@ -977,7 +977,7 @@ PPP_PACKET *PPPProcessRequestPacket(PPP_SESSION *p, PPP_PACKET *req) ReadBuf(b, client_response_buffer, 49);
Zero(username_tmp, sizeof(username_tmp));
- ReadBuf(b, username_tmp, sizeof(username_tmp));
+ ReadBuf(b, username_tmp, sizeof(username_tmp) - 1);
client_challenge_16 = client_response_buffer + 0;
client_response_24 = client_response_buffer + 16 + 8;
diff --git a/src/Cedar/Interop_OpenVPN.c b/src/Cedar/Interop_OpenVPN.c index 000a55a1..11e86a90 100644 --- a/src/Cedar/Interop_OpenVPN.c +++ b/src/Cedar/Interop_OpenVPN.c @@ -2840,7 +2840,7 @@ bool OvsPerformTcpServer(CEDAR *cedar, SOCK *sock) {
void *ptr = FifoPtr(tcp_recv_fifo);
USHORT packet_size = READ_USHORT(ptr);
- if (packet_size <= OPENVPN_TCP_MAX_PACKET_SIZE)
+ if (packet_size != 0 && packet_size <= OPENVPN_TCP_MAX_PACKET_SIZE)
{
UINT total_len = (UINT)packet_size + sizeof(USHORT);
if (r >= total_len)
diff --git a/src/Cedar/Radius.c b/src/Cedar/Radius.c index 4b09f600..8740e753 100644 --- a/src/Cedar/Radius.c +++ b/src/Cedar/Radius.c @@ -1827,6 +1827,13 @@ bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT sec if (encrypted_password == NULL)
{
// Encryption failure
+
+ // Release the ip_list
+ for(i = 0; i < LIST_NUM(ip_list); i++)
+ {
+ IP *tmp_ip = LIST_DATA(ip_list, i);
+ Free(tmp_ip);
+ }
ReleaseList(ip_list);
return false;
}
diff --git a/src/Cedar/Virtual.c b/src/Cedar/Virtual.c index 7cf3b840..e28a7733 100644 --- a/src/Cedar/Virtual.c +++ b/src/Cedar/Virtual.c @@ -2250,6 +2250,7 @@ BUF *NnReadDnsRecord(BUF *buf, bool answer, USHORT *ret_type, USHORT *ret_class) data = Malloc(data_len);
if (ReadBuf(buf, data, data_len) != data_len)
{
+ Free(data);
return false;
}
|