opnsense-src/lib
Mark Johnston f997253234 libradius: Fix attribute length validation in rad_get_attr(3)
The length of the attribute header needs to be excluded when comparing
the attribute length against the length of the packet.  Otherwise,
validation may incorrectly fail when fetching the final attribute in a
message.

Fixes:		8d5c78130 ("libradius: Fix input validation bugs")
Reported by:	Peter Eriksson
Tested by:	Peter Eriksson
Sponsored by:	The FreeBSD Foundation

(cherry picked from commit 6bb5699d2b)
2021-05-28 13:00:19 -04:00
..
atf atf: Fix ATF_BUILD_* values when not using the bootstrap compiler 2021-03-17 12:23:26 +00:00
clang libllvmminimal: Add missing Support/ABIBreak.cpp 2021-01-30 14:23:47 +00:00
csu Add C startup code tests for PIE binaries. 2020-11-10 19:09:35 +00:00
flua lib/flua/libjail: Allow empty params table 2021-03-14 04:09:20 -04:00
geom Drop "All rights reserved" from all my stuff. This includes 2020-10-28 13:46:11 +00:00
googletest Rename NO_WERROR -> MK_WERROR=no 2021-01-07 09:31:03 +00:00
kyua
lib9p lib9p: fix building on systems without capser 2021-01-04 20:48:48 +01:00
lib80211 80211: non-functional changes 2020-10-07 21:56:58 +00:00
libalias Rename NO_WERROR -> MK_WERROR=no 2021-01-07 09:31:03 +00:00
libarchive Don't include libarchive fuzz tests by default 2021-03-17 09:54:07 +00:00
libauditd
libbe When be_activate() turns on a new boot environment, it always deactivates 2021-01-08 09:23:16 -08:00
libbearssl Revert that! 2020-07-19 23:56:19 +00:00
libbegemot
libblacklist
libblocksruntime
libbluetooth
libbsdstat
libbsm
libbsnmp Add missing src.opts.mk include 2020-11-13 23:18:04 +00:00
libbz2
libc openat(2): add O_EMPTY_PATH 2021-05-19 06:13:14 +03:00
libc++ Only set WARNS if not defined 2020-09-11 13:28:37 +00:00
libc++experimental
libc_nonshared
libcalendar
libcam libcam(3): make cam_getccb(3) zero the whole ccb, not just the header 2020-12-29 14:26:06 +00:00
libcapsicum Add missing FreeBSD functions to -legacy when building on macOS/Linux 2020-08-25 13:23:31 +00:00
libcasper cap_sysctl.3: Fix bugs in the example 2021-05-05 11:01:56 -04:00
libclang_rt Allow using sanitizers for ssp tests with out-of-tree compiler 2021-04-10 14:01:04 +01:00
libcom_err
libcompat
libcompiler_rt Rename NO_WERROR -> MK_WERROR=no 2021-01-07 09:31:03 +00:00
libcrypt Do a sweep and remove most WARNS=6 settings 2020-10-01 01:10:51 +00:00
libcuse
libcxxrt Only set WARNS if not defined 2020-09-11 13:28:37 +00:00
libdevctl
libdevdctl Fix race in case of device destruction. 2021-04-27 08:47:39 -04:00
libdevinfo devinfo: add man page links 2020-08-04 21:09:36 +00:00
libdevstat
libdl libc: include rtld.h into static implementations of rtld interface 2021-04-23 14:14:07 +03:00
libdpv Bump shared library versions after ncurses bump in 13. 2021-02-04 17:51:45 -08:00
libdwarf
libedit sh(1): autocomplete commands 2021-05-05 13:04:57 +02:00
libefivar libefivar: define MDE_CPU_RISCV64 2020-07-06 17:47:29 +00:00
libelf libelf: add compression header support 2020-10-23 16:35:23 +00:00
libelftc
libevent1
libexecinfo
libexpat
libfetch libfetch: Retry with proxy auth when server returns 407 2021-04-28 16:21:26 -03:00
libfigpar
libgcc_eh After r364423, which ensures the callbacks that dl_iterate_phdr(3) 2020-08-25 20:07:11 +00:00
libgcc_s Rename NO_WERROR -> MK_WERROR=no 2021-01-07 09:31:03 +00:00
libgeom Modernize geom_stats_snapshot_get 2021-04-08 02:15:39 +00:00
libgpio
libgssapi Remove __NO_TLS. 2021-03-02 02:49:42 +02:00
libiconv_modules Do a sweep and remove most WARNS=6 settings 2020-10-01 01:10:51 +00:00
libifconfig libifconfig: Overhaul ifconfig_media_* interfaces 2021-03-19 09:00:19 -04:00
libipsec
libipt
libjail
libkiconv libkiconv: address memory leak in not-found cases 2021-04-27 20:10:12 -04:00
libkvm libkvm: Plug couple of memory leaks and check possible calloc(3) failure 2021-03-06 14:32:51 -05:00
libldns
liblua contrib/lua: update to 5.4.2 2021-01-13 23:56:18 -06:00
liblutok
liblzma
libmagic
libmd Fix a few mandoc issues 2020-10-09 19:12:44 +00:00
libmemstat malloc: move malloc_type_internal into malloc_type 2020-11-06 21:33:59 +00:00
libmilter
libmp
libmt Add the LTO-9 density code to libmt and the mt(1) man page. 2020-12-10 21:06:06 +00:00
libnetbsd
libnetgraph
libnetmap [libnetmap] Fix 32 bit compilation under gcc-6.4 2020-11-02 15:01:37 +00:00
libngatm
libnv libpfct: Fix PIC flag 2021-05-07 10:15:43 +02:00
libomp
libopenbsd Only set WARNS if not defined 2020-09-11 13:28:37 +00:00
libopencsd
libopie
libpam pam_login_access: Fix negative entry matching logic 2021-02-23 20:20:53 -05:00
libpathconv Fix a few mandoc issues 2020-10-09 19:12:44 +00:00
libpcap
libpe
libpfctl pf: Track the original kif for floating states 2021-05-27 09:06:14 +02:00
libpjdlog
libpmc pmc_allocate(3): document the count argument 2021-04-29 10:13:57 -03:00
libpmcstat pmcstat: fix PPC kernel symbol resolution 2020-11-05 16:47:23 +00:00
libproc Do a sweep and remove most WARNS=6 settings 2020-10-01 01:10:51 +00:00
libprocstat Decode and report native eventfd descriptors from libprocstat and procstat. 2020-12-27 12:57:27 +02:00
libradius libradius: Fix attribute length validation in rad_get_attr(3) 2021-05-28 13:00:19 -04:00
libregex libregex: re-enable make check 2021-01-08 13:58:35 -06:00
librpcsec_gss Fix a few mandoc issues 2020-10-09 19:12:44 +00:00
librpcsvc
librss
librt Don't add -Winline for WARNS=6 2021-04-22 10:44:51 +01:00
librtld_db
libsbuf Do a sweep and remove most WARNS=6 settings 2020-10-01 01:10:51 +00:00
libsdp
libsecureboot veloader: insist on verifying .4th .lua etc 2020-08-21 00:27:06 +00:00
libsm Merge sendmail 8.16.1 to HEAD: See contrib/sendmail/RELEASE_NOTES for details 2020-07-15 18:28:54 +00:00
libsmb
libsmdb Merge sendmail 8.16.1 to HEAD: See contrib/sendmail/RELEASE_NOTES for details 2020-07-15 18:28:54 +00:00
libsmutil
libsqlite3 [PowerPC64LE] Pass our byte order to the sqlite3 build. 2020-09-23 02:17:44 +00:00
libssp
libssp_nonshared
libstats
libstdbuf
libstdthreads
libsysdecode libsysdecode: fix decoding of TCP_NOPUSH and TCP_MD5SIG 2021-03-02 13:30:24 +01:00
libtacplus
libtelnet
libthr rtld: make dlerror() thread-local 2021-04-23 14:14:08 +03:00
libthread_db
libucl Only set WARNS if not defined 2020-09-11 13:28:37 +00:00
libufs Update the libufs cgget() and cgput() interfaces to have a similar 2020-09-19 22:48:30 +00:00
libugidfw
libulog
libunbound
libusb Be bug compatible with other operating systems by allowing non-sequential 2020-12-14 11:56:16 +00:00
libusbhid
libutil setclassenvironment: trim leading spaces in variable names 2021-04-15 22:15:51 +03:00
libveriexec
libvgl Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libvmmapi bhyve: support relocating fbuf and passthru data BARs 2021-03-26 21:50:41 +08:00
libwrap
libxo pkgbase: Install libxo test files in the tests package 2021-01-04 16:20:26 +01:00
liby
libypclnt
libz
libzstd libprivatezstd: Restrict symbol visibility similar to upstream 2021-01-03 11:26:46 -08:00
msun Allow lib/msun/logarithm_test to pass on ld128 platforms 2021-04-22 10:44:55 +01:00
ncurses Bump shared library versions after ncurses bump in 13. 2021-02-04 17:51:45 -08:00
ofed Remove remaining uses of ${COMPILER_FEATURES:Mc++11} 2021-01-19 21:37:36 +00:00
tests
Makefile pfctl: Move ioctl abstraction functions into libpfctl 2021-05-07 10:15:42 +02:00
Makefile.inc build: provide a default WARNS for all in-tree builds 2020-09-18 17:17:46 +00:00