Re: ppp RADIUS accounting bug

From: Boris Kovalenko <boris_at_ntmk.ru>
Date: Wed, 19 Nov 2003 12:38:27 +0500
Hello!

    Yes, unsigned, so we have 4G limit, which may simple be overflowed 
by (for example) PPPoE connection. Yes, RADIUS standard defines new 
attributes for big words, but current PPP does not supports it (it, so 
our knowledge about RFC is useless :) Again, rad_put_int defined 
u_int32_t parameter, so if a have dowloaded 4.5G (for example) what 
number will send to radius?

Regards,
    Boris

Barney Wolff wrote:

>On Wed, Nov 19, 2003 at 09:00:01AM +0500, Boris Kovalenko wrote:
>  
>
>>   I found a serious bug in RADIUS accounting code. The problem is that
>>OctetsIn and OctetsOut are defined as unsingned long long, but the 
>>RADIUS supports only INT32 values, so, when
>>we're doing rad_put_int(r->cx.rad, RAD_ACCT_OUTPUT_OCTETS, 
>>stats->OctetsOut) in radius.c for OctetsOut (and OctetsIn also) we 
>>loosing information if OctetsOut is greater then INT32_MAX. This should 
>>be fixed.
>>    
>>
>
>Note that RADIUS integers are unsigned, so the limit is 2^32-1.
>Also, RFC2869 defines attributes to hold the high-order parts.
>
>  
>
Received on Tue Nov 18 2003 - 22:38:42 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:29 UTC