Skip to content

Commit

Permalink
pppd: Fix auth_number() to handle wildcards correctly
Browse files Browse the repository at this point in the history 
Previously auth_number treated all entries in the permitted_numbers
list as if they were wildcards, i.e., as ending in '*', even if there
was no '*'.  This fixes it to only treat entries ending in '*' as
wildcards; without the '*', remote_number has to match the whole entry
exactly.

Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
  • Loading branch information
@paulusmack
paulusmack committed Aug 17, 2024
1 parent fa612cb commit 9b222db
Showing 1 changed file with 5 additions and 4 deletions.
9 changes: 5 additions & 4 deletions pppd/auth.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2154,7 +2154,7 @@ int
auth_number(void)
{
struct wordlist *wp = permitted_numbers;
int l;
size_t l;

/* Allow all if no authorization list. */
if (!wp)
Expand All @@ -2164,9 +2164,10 @@ auth_number(void)
while (wp) {
/* trailing '*' wildcard */
l = strlen(wp->word);
if ((wp->word)[l - 1] == '*')
l--;
if (!strncasecmp(wp->word, remote_number, l))
if (l > 0 && (wp->word)[l - 1] == '*') {
if (!strncasecmp(wp->word, remote_number, l - 1))
return 1;
} else if (strcasecmp(wp->word, remote_number) == 0)
return 1;
wp = wp->next;
}
Expand Down

0 comments on commit 9b222db

Please sign in to comment.