Subject: lib/37055: libradius: rad_create_request(3) does not clear authentic_pos
To: None <lib-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: None <fukumoto@imasy.or.jp>
List: netbsd-bugs
Date: 10/02/2007 16:25:00
>Number: 37055
>Category: lib
>Synopsis: libradius: rad_create_request(3) does not clear authentic_pos
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: lib-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue Oct 02 16:25:00 +0000 2007
>Originator: fukumoto@imasy.or.jp
>Release: NetBSD 4.0_BETA2
>Organization:
>Environment:
System: NetBSD kestrel 4.0_BETA2 NetBSD 4.0_BETA2 (GENERIC.MP) #4: Sat Mar 31 04:34:08 JST 2007 fukumoto@kestrel:/usr/src.netbsd4/sys/arch/i386/compile/GENERIC.MP i386
Architecture: i386
Machine: i386
>Description:
rad_create_request(3) does not clear h->authentic_pos. It is unable to
create requests for multiple times with same rad_handle.
>How-To-Repeat:
>Fix:
--- radlib.c.old 2006-11-10 02:02:52.000000000 +0900
+++ radlib.c 2007-10-03 01:05:28.000000000 +0900
@@ -642,6 +642,7 @@
}
h->req_len = POS_ATTRS;
clear_password(h);
+ h->authentic_pos = 0;
h->request_created = 1;
return 0;
}