--- freeradius-server-2.1.11.orig/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c 2011-06-20 16:57:14.000000000 +0200 +++ freeradius-server-2.1.11/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c 2012-09-11 13:55:45.000000000 +0200 @@ -484,7 +484,7 @@ */ buf[0] = '\0'; asn_time = X509_get_notAfter(client_cert); - if ((lookup <= 1) && asn_time && (asn_time->length < MAX_STRING_LEN)) { + if ((lookup <= 1) && asn_time && (asn_time->length < sizeof(buf))) { memcpy(buf, (char*) asn_time->data, asn_time->length); buf[asn_time->length] = '\0'; pairadd(&handler->certs,