valuepair: Don't remove unknown backslash

Don't remove backslash from unkown escape sequences in pairparsevalue,
adhering to behavior common to most other programs dealing with
backslash escape sequences.

Resolves: Bug#1173526
This commit is contained in:
Nikolai Kondrashov 2014-12-15 14:55:51 +02:00
parent 46c7f7b947
commit 11209699e6
2 changed files with 42 additions and 0 deletions

View File

@ -0,0 +1,40 @@
From 90b5b46341dbba78d8cd98d55d1b9321544c7887 Mon Sep 17 00:00:00 2001
From: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
Date: Mon, 15 Dec 2014 14:42:56 +0200
Subject: [PATCH 1/1] valuepair: Don't remove unknown backslash
Don't remove backslash from unknown escape sequences in pairparsevalue,
adhering to behavior common to most other programs dealing with
backslash escape sequences.
---
src/lib/valuepair.c | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/src/lib/valuepair.c b/src/lib/valuepair.c
index 7d6ee88..7742b81 100644
--- a/src/lib/valuepair.c
+++ b/src/lib/valuepair.c
@@ -1176,12 +1176,14 @@ int pairparsevalue(VALUE_PAIR *vp, char const *value, size_t inlen)
c = x;
cp += 3;
- } else if (cp[0]) {
- /*
- * \p --> p
- */
- c = *cp++;
- } /* else at EOL \ --> \ */
+ }
+
+ /*
+ * Else It's not a recognised escape sequence DON'T
+ * consume the backslash. This is identical
+ * behaviour to bash and most other things that
+ * use backslash escaping.
+ */
}
*p++ = c;
vp_len++;
--
2.1.3

View File

@ -44,6 +44,7 @@ Patch20: freeradius-fix-checks-for-PW_TYPE_FILE_INPUT.patch
Patch21: freeradius-added-D-option-to-mirror-radclient.patch
Patch22: freeradius-man-remove-client-attribute-description.patch
Patch23: freeradius-man-remove-references-to-naslist-and-clients.patch
Patch24: freeradius-valuepair-don-t-remove-unkown-backslash.patch
%global docdir %{?_pkgdocdir}%{!?_pkgdocdir:%{_docdir}/%{name}-%{version}}
@ -223,6 +224,7 @@ This plugin provides the unixODBC support for the FreeRADIUS server project.
%patch21 -p1
%patch22 -p1
%patch23 -p1
%patch24 -p1
%build
# Force compile/link options, extra security for network facing daemon