Hi Martijn, last November you fixed ber.c so that sequences won't generate an uninitialized subelement.
This revealed another bug in ober_scanf_elements(): it couldn't process sequences with an empty list of subelements. The following code failed in ober_scanf_elements(): struct ber_element *root; struct ber_element *sub; if ((root = ober_add_sequence(NULL)) == NULL) err(1, "ober_add_sequence() failed"); errno = 0; if (ober_scanf_elements(root, "{e", &sub)) err(1, "ober_scanf_elements() failed"); printf("sub = %p\n", sub); The patch below fixes that. Gerhard Index: lib/libutil/ber.c =================================================================== RCS file: /cvs/src/lib/libutil/ber.c,v retrieving revision 1.24 diff -u -p -u -p -r1.24 ber.c --- lib/libutil/ber.c 3 Nov 2022 17:58:10 -0000 1.24 +++ lib/libutil/ber.c 21 Aug 2023 07:24:21 -0000 @@ -700,7 +700,8 @@ ober_scanf_elements(struct ber_element * va_start(ap, fmt); while (*fmt) { - if (ber == NULL && *fmt != '$' && *fmt != '}' && *fmt != ')') + if (ber == NULL && *fmt != '$' && *fmt != '}' && *fmt != ')' && + *fmt != 'e') goto fail; switch (*fmt++) { case '$': @@ -797,7 +798,7 @@ ober_scanf_elements(struct ber_element * if (ber->be_encoding != BER_TYPE_SEQUENCE && ber->be_encoding != BER_TYPE_SET) goto fail; - if (ber->be_sub == NULL || level >= _MAX_SEQ-1) + if (level >= _MAX_SEQ-1) goto fail; parent[++level] = ber; ber = ber->be_sub;
smime.p7s
Description: S/MIME cryptographic signature