lanserv: Fix an issue with authorization range checking

A recent change added a range check on authorization type, but it didn't take into account the RMCP authorization type that's special. Add a check for that. Fixes: b52e8e2 "lanserv: Check some bounds on incoming messages" Signed-off-by: Corey Minyard <[email protected]>
cminyard · Aug 1, 2024 · 4c129d0 · 4c129d0
1 parent 663e3cd
commit 4c129d0
Showing 1 changed file with 4 additions and 7 deletions.
diff --git a/lanserv/lanserv_ipmi.c b/lanserv/lanserv_ipmi.c
@@ -3054,18 +3054,15 @@ ipmi_handle_lan_msg(lanserv_data_t *lan,
     }
 
     msg.authtype = data[4];
-    if (msg.authtype >= MAX_IPMI_AUTHS) {
-	lan->sysinfo->log(lan->sysinfo, LAN_ERR, &msg,
-		 "LAN msg failure: Invalid authtype");
-	return;
-    }
-
     if (msg.authtype == IPMI_AUTHTYPE_RMCP_PLUS) {
 	ipmi_handle_rmcpp_msg(lan, &msg);
+    } else if (msg.authtype >= MAX_IPMI_AUTHS) {
+	lan->sysinfo->log(lan->sysinfo, LAN_ERR, &msg,
+			  "LAN msg failure: Invalid authtype: %d", data[4]);
+	return;
     } else {
 	ipmi_handle_rmcp_msg(lan, &msg);
     }
-
 }
 
 static void