aboutsummaryrefslogtreecommitdiff
path: root/src/lib/protocols/radius.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/protocols/radius.c')
-rw-r--r--src/lib/protocols/radius.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/src/lib/protocols/radius.c b/src/lib/protocols/radius.c
index 1c85f48d7..209e71177 100644
--- a/src/lib/protocols/radius.c
+++ b/src/lib/protocols/radius.c
@@ -39,10 +39,13 @@ static void ndpi_check_radius(struct ndpi_detection_module_struct *ndpi_struct,
if(packet->udp != NULL) {
struct radius_header *h = (struct radius_header*)packet->payload;
+ /* RFC2865: The minimum length is 20 and maximum length is 4096. */
+ if((payload_len < 20) || (payload_len > 4096))
+ return;
if((payload_len > sizeof(struct radius_header))
&& (h->code > 0)
- && (h->code <= 5)
+ && (h->code <= 13)
&& (ntohs(h->len) == payload_len)) {
NDPI_LOG_INFO(ndpi_struct, "Found radius\n");
ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_RADIUS, NDPI_PROTOCOL_UNKNOWN);
Powered by cgit, Themed by Ted Yin.