Hi Martijn, last November you fixed ber.c so that sequences won't generate an uninitialized subelement.
This revealed another bug in ober_scanf_elements(): it couldn't
process sequences with an empty list of subelements. The following
code failed in ober_scanf_elements():
struct ber_element *root;
struct ber_element *sub;
if ((root = ober_add_sequence(NULL)) == NULL)
err(1, "ober_add_sequence() failed");
errno = 0;
if (ober_scanf_elements(root, "{e", &sub))
err(1, "ober_scanf_elements() failed");
printf("sub = %p\n", sub);
The patch below fixes that.
Gerhard
Index: lib/libutil/ber.c
===================================================================
RCS file: /cvs/src/lib/libutil/ber.c,v
retrieving revision 1.24
diff -u -p -u -p -r1.24 ber.c
--- lib/libutil/ber.c 3 Nov 2022 17:58:10 -0000 1.24
+++ lib/libutil/ber.c 21 Aug 2023 07:24:21 -0000
@@ -700,7 +700,8 @@ ober_scanf_elements(struct ber_element *
va_start(ap, fmt);
while (*fmt) {
- if (ber == NULL && *fmt != '$' && *fmt != '}' && *fmt != ')')
+ if (ber == NULL && *fmt != '$' && *fmt != '}' && *fmt != ')' &&
+ *fmt != 'e')
goto fail;
switch (*fmt++) {
case '$':
@@ -797,7 +798,7 @@ ober_scanf_elements(struct ber_element *
if (ber->be_encoding != BER_TYPE_SEQUENCE &&
ber->be_encoding != BER_TYPE_SET)
goto fail;
- if (ber->be_sub == NULL || level >= _MAX_SEQ-1)
+ if (level >= _MAX_SEQ-1)
goto fail;
parent[++level] = ber;
ber = ber->be_sub;
smime.p7s
Description: S/MIME cryptographic signature
