Apparently I missed one...

On Thu, 2020-09-03 at 18:00 +0200, Martijn van Duren wrote:
> Just reminded myself of this one.
> The manpage says nothing about ober_read_elements setting errno upon
> failure, yet it does in most cases. Furthermore, applications like
> snmpd use errno in ober_read_elements to determine if a read is
> incomplete (checking for ECANCELED), without initializing errno to
> 0.
>
> The danger here is that since some stale errno might linger and a
> return from ober_read_elements with NULL could test against an old
> errno.
>
> Diff below tries to remedy this.
>
> OK?
>
> martijn@

Index: ber.c =================================================================== RCS file: /cvs/src/lib/libutil/ber.c,v retrieving revision 1.16 diff -u -p -r1.16 ber.c --- ber.c 3 Sep 2020 17:01:15 -0000 1.16 +++ ber.c 3 Sep 2020 18:47:38 -0000 @@ -1258,8 +1258,10 @@ ober_read_element(struct ber *ber, struc } case BER_TYPE_INTEGER: case BER_TYPE_ENUMERATED: - if (len > (ssize_t)sizeof(long long)) + if (len > (ssize_t)sizeof(long long)) { + errno = ERANGE; return -1; + } for (i = 0; i < len; i++) { if (ober_getc(ber, &c) != 1) return -1;
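
Review bot: In the BER_TYPE_INTEGER/BER_TYPE_ENUMERATED case, the ober_getc() failure path directly below the new block (`if (ober_getc(ber, &c) != 1) return -1;`) still returns -1 with no errno assignment visible in this hunk. Since the quoted report says callers such as snmpd test errno for ECANCELED after a failed read, please confirm that ober_getc() sets errno itself on every failure, or set it here, so that this path cannot leave a stale value behind. The new ERANGE case should also be listed in the manpage, which per the report does not yet mention errno at all.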