diff options
| author | David Sommerseth <dazo@users.sourceforge.net> | 2009-10-04 23:13:06 +0200 |
|---|---|---|
| committer | David Sommerseth <dazo@users.sourceforge.net> | 2009-10-04 23:13:06 +0200 |
| commit | 53611ee129ab91c60f61a591b32e46bfac39abf7 (patch) | |
| tree | 30e660503318f20568282cd83f960acbd6c2f328 /database/sqlite | |
| parent | 5a4b0d9ec4202e9a1f035b6d8df63535431f2cbb (diff) | |
| download | eurephia-53611ee129ab91c60f61a591b32e46bfac39abf7.tar.gz eurephia-53611ee129ab91c60f61a591b32e46bfac39abf7.tar.xz eurephia-53611ee129ab91c60f61a591b32e46bfac39abf7.zip | |
Restrict input data length for plug-in arguments from openvpn
This only affects functions related to MAC address and certificate depth
Diffstat (limited to 'database/sqlite')
| -rw-r--r-- | database/sqlite/edb-sqlite.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/database/sqlite/edb-sqlite.c b/database/sqlite/edb-sqlite.c index 25d5a10..80966e5 100644 --- a/database/sqlite/edb-sqlite.c +++ b/database/sqlite/edb-sqlite.c @@ -602,8 +602,8 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha DEBUG(ctx, 20, "Function call: eDBregister_vpnmacaddr(ctx, '%s', '%s')", session->sessionkey, macaddr); - if( macaddr == NULL ) { - eurephia_log(ctx, LOG_FATAL, 0, "No MAC address was given to save"); + if( (macaddr == NULL) && (strlen_nullsafe(macaddr) > 18) ) { + eurephia_log(ctx, LOG_FATAL, 0, "Invalid MAC address"); return 0; } |