Security Fix (CVE-2005-0108)
http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-01-02

Index: mod_auth_radius.c
--- mod_auth_radius.c.orig	2003-03-24 20:16:15 +0100
+++ mod_auth_radius.c	2007-01-21 00:12:03 +0100
@@ -971,9 +971,12 @@
   }
   return attr;
 }
-#define radcpy(STRING, ATTR) {memcpy(STRING, ATTR->data, ATTR->length - 2); \
-                              (STRING)[ATTR->length - 2] = 0;}
 
+#define radcpy(STRING, ATTR) do { \
+				  unsigned char len = ATTR->length; \
+				  if (len >= 2) len-=2; \
+				  memcpy(STRING, ATTR->data, len); \
+				  (STRING)[len] = 0;} while (0)
 
 /* authentication module utility functions */
 static int