Date: Wed, 19 Nov 2003 02:17:03 -0500 From: Barney Wolff <barney@databus.com> To: Boris Kovalenko <boris@tagnet.ru> Cc: freebsd-stable <freebsd-stable@freebsd.org> Subject: Re: ppp RADIUS accounting bug Message-ID: <20031119071703.GA38863@pit.databus.com> In-Reply-To: <3FBAEAC1.7090709@tagnet.ru> References: <3FBAEAC1.7090709@tagnet.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Nov 19, 2003 at 09:00:01AM +0500, Boris Kovalenko wrote: > > I found a serious bug in RADIUS accounting code. The problem is that > OctetsIn and OctetsOut are defined as unsingned long long, but the > RADIUS supports only INT32 values, so, when > we're doing rad_put_int(r->cx.rad, RAD_ACCT_OUTPUT_OCTETS, > stats->OctetsOut) in radius.c for OctetsOut (and OctetsIn also) we > loosing information if OctetsOut is greater then INT32_MAX. This should > be fixed. Note that RADIUS integers are unsigned, so the limit is 2^32-1. Also, RFC2869 defines attributes to hold the high-order parts. -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031119071703.GA38863>