Mercurial > hg > waaad
changeset 279:3c1b2f974e14
Fix broken sanity check, bis
author | Sebastien Decugis <sdecugis@nict.go.jp> |
---|---|
date | Fri, 19 Dec 2008 15:27:46 +0900 |
parents | db74ce92d203 |
children | 957b07a2c684 |
files | waaad/peer-cer_cea.c |
diffstat | 1 files changed, 104 insertions(+), 8 deletions(-) [+] |
line wrap: on
line diff
--- a/waaad/peer-cer_cea.c Fri Dec 19 15:24:52 2008 +0900 +++ b/waaad/peer-cer_cea.c Fri Dec 19 15:27:46 2008 +0900 @@ -917,16 +917,16 @@ goto next; } - if (avpdata->avp_data == NULL) { - /* Ignore if the data is not set -- this is more like a sanity check */ - TRACE_DEBUG(FULL, "Ignored an AVP with unset value in CEA"); - msg_dump_one(FULL, avp); - ASSERT(0); /* To check if this really happens, and understand why... */ - goto next; - } - switch (avpdata->avp_code) { case AC_ORIGIN_HOST: /* Origin-Host */ + if (avpdata->avp_data == NULL) { + /* Ignore if the data is not set -- this is more like a sanity check */ + TRACE_DEBUG(FULL, "Ignored an AVP with unset value in CEA"); + msg_dump_one(FULL, avp); + ASSERT(0); /* To check if this really happens, and understand why... */ + goto next; + } + /* Check that the remote peer is the peer we wanted to connect to */ if (strncasecmp(peer->p_diamid, (char *)avpdata->avp_data->os.data, avpdata->avp_data->os.len)) { log_error("The CEA received from peer '%s' contains invalid Origin-Host (bad IP?), resetting connection", peer->p_diamid); @@ -936,6 +936,14 @@ break; case AC_ORIGIN_REALM: /* Origin-Realm */ + if (avpdata->avp_data == NULL) { + /* Ignore if the data is not set -- this is more like a sanity check */ + TRACE_DEBUG(FULL, "Ignored an AVP with unset value in CEA"); + msg_dump_one(FULL, avp); + ASSERT(0); /* To check if this really happens, and understand why... */ + goto next; + } + /* Copy the value into peer->p_realm, as a lowercase string */ free(peer->p_realm); CHECK_MALLOC( peer->p_realm = (char *) malloc( avpdata->avp_data->os.len + 1 ) ); @@ -946,6 +954,14 @@ break; case AC_HOST_IP_ADDRESS: /* Host-IP-Address */ + if (avpdata->avp_data == NULL) { + /* Ignore if the data is not set -- this is more like a sanity check */ + TRACE_DEBUG(FULL, "Ignored an AVP with unset value in CEA"); + msg_dump_one(FULL, avp); + ASSERT(0); /* To check if this really happens, and understand why... */ + goto next; + } + if (peer->p_peeraddr_sz == 0) { CHECK_MALLOC( peer->p_peeraddr = (sSS *) malloc( sizeof(sSS) ) ); } else { @@ -963,10 +979,26 @@ case AC_VENDOR_ID: /* Vendor-Id */ + if (avpdata->avp_data == NULL) { + /* Ignore if the data is not set -- this is more like a sanity check */ + TRACE_DEBUG(FULL, "Ignored an AVP with unset value in CEA"); + msg_dump_one(FULL, avp); + ASSERT(0); /* To check if this really happens, and understand why... */ + goto next; + } + peer->p_vendor = avpdata->avp_data->u32; break; case AC_PRODUCT_NAME: /* Product-Name */ + if (avpdata->avp_data == NULL) { + /* Ignore if the data is not set -- this is more like a sanity check */ + TRACE_DEBUG(FULL, "Ignored an AVP with unset value in CEA"); + msg_dump_one(FULL, avp); + ASSERT(0); /* To check if this really happens, and understand why... */ + goto next; + } + free(peer->p_prodname); CHECK_MALLOC( peer->p_prodname = (char *) malloc( avpdata->avp_data->os.len + 1 ) ); @@ -975,10 +1007,26 @@ break; case AC_ORIGIN_STATE_ID: /* Origin-State-Id */ + if (avpdata->avp_data == NULL) { + /* Ignore if the data is not set -- this is more like a sanity check */ + TRACE_DEBUG(FULL, "Ignored an AVP with unset value in CEA"); + msg_dump_one(FULL, avp); + ASSERT(0); /* To check if this really happens, and understand why... */ + goto next; + } + peer->p_orstate = avpdata->avp_data->u32; break; case AC_SUPPORTED_VENDOR_ID: /* Supported-Vendor-Id */ + if (avpdata->avp_data == NULL) { + /* Ignore if the data is not set -- this is more like a sanity check */ + TRACE_DEBUG(FULL, "Ignored an AVP with unset value in CEA"); + msg_dump_one(FULL, avp); + ASSERT(0); /* To check if this really happens, and understand why... */ + goto next; + } + TRACE_DEBUG(FULL, "Info: The remote peer claims support for (a subset of) vendor %d features...", avpdata->avp_data->u32); break; @@ -1037,14 +1085,38 @@ break; case AC_AUTH_APPLICATION_ID: /* Auth-Application-Id */ + if (avpdata->avp_data == NULL) { + /* Ignore if the data is not set -- this is more like a sanity check */ + TRACE_DEBUG(FULL, "Ignored an AVP with unset value in CEA"); + msg_dump_one(FULL, avp); + ASSERT(0); /* To check if this really happens, and understand why... */ + goto next; + } + CHECK_FCT( _peer_struct_appl_add(peer, avpdata->avp_data->u32, 0, APP_TYPE_AUTH) ); break; case AC_ACCT_APPLICATION_ID: /* Acct-Application-Id */ + if (avpdata->avp_data == NULL) { + /* Ignore if the data is not set -- this is more like a sanity check */ + TRACE_DEBUG(FULL, "Ignored an AVP with unset value in CEA"); + msg_dump_one(FULL, avp); + ASSERT(0); /* To check if this really happens, and understand why... */ + goto next; + } + CHECK_FCT( _peer_struct_appl_add(peer, avpdata->avp_data->u32, 0, APP_TYPE_ACCT) ); break; case AC_INBAND_SECURITY_ID: /* Inband-Security-Id */ + if (avpdata->avp_data == NULL) { + /* Ignore if the data is not set -- this is more like a sanity check */ + TRACE_DEBUG(FULL, "Ignored an AVP with unset value in CEA"); + msg_dump_one(FULL, avp); + ASSERT(0); /* To check if this really happens, and understand why... */ + goto next; + } + if (secidset) { log_error("Multiple Inband-Security-Id AVP in CEA from '%s', not supported.", peer->p_diamid); return EBADMSG; @@ -1070,14 +1142,38 @@ break; case AC_FIRMWARE_REVISION: /* Firmware-Revision */ + if (avpdata->avp_data == NULL) { + /* Ignore if the data is not set -- this is more like a sanity check */ + TRACE_DEBUG(FULL, "Ignored an AVP with unset value in CEA"); + msg_dump_one(FULL, avp); + ASSERT(0); /* To check if this really happens, and understand why... */ + goto next; + } + peer->p_firmrev = avpdata->avp_data->u32; break; case AC_RESULT_CODE: /* Result-Code */ + if (avpdata->avp_data == NULL) { + /* Ignore if the data is not set -- this is more like a sanity check */ + TRACE_DEBUG(FULL, "Ignored an AVP with unset value in CEA"); + msg_dump_one(FULL, avp); + ASSERT(0); /* To check if this really happens, and understand why... */ + goto next; + } + errorcode = avpdata->avp_data->u32; break; case AC_ERROR_MESSAGE: /* Error-Message */ + if (avpdata->avp_data == NULL) { + /* Ignore if the data is not set -- this is more like a sanity check */ + TRACE_DEBUG(FULL, "Ignored an AVP with unset value in CEA"); + msg_dump_one(FULL, avp); + ASSERT(0); /* To check if this really happens, and understand why... */ + goto next; + } + log_normal("The CEA received from peer '%s' contains an Error-Message AVP", peer->p_diamid); msg_dump_one(INFO, avp); break;