
Re: (ITS#8516) TAG decoding incorrect when longer than 1 byte



On 11/10/16 at 19:56, Hallvard Breien Furuseth wrote:
> On 11. okt. 2016 18:10, elecharny@apache.org wrote:
>> IMO, the code that deals with tags in the lber decode.c
>> ber_tag_and_rest() method
>> is incorrectly decoding tags that are longer than 1 byte. (...)
>
> It's far too late to change the ASN.1 <-> integer mapping. liblber is
> widely used outside OpenLDAP, we don't know if we'd break something.
I think I overlooked the original code. See later...

>
> As lber.h explains:
>  * ber_tag_t represents the identifier octets at the beginning of BER
>  * elements.  OpenLDAP treats them as mere big-endian unsigned integers.

Indeed. That means the method just grabs bytes without taking care of
the 'continuation' bits (i.e. the 7th bit if there are more bytes after),
and returns a long.
>
> I wish it had at least used little-endian so we could check the class
> and P/C bits with a simple '&' operation. Oh well.

Well, the way this function works makes it hard to do so, I agree. OTOH,
it means this ITS can be closed, because it's based on a wrong
understanding of what this method does. It's not buggy, it's just doing
something different than what I was expecting.

Thanks !
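
The two readings of a multi-byte tag that this thread distinguishes, as an added example that is not liblber's code and not part of the original messages: `raw_tag` packs the identifier octets into a big-endian unsigned integer, as the quoted lber.h comment describes, while `asn1_tag_number` decodes the ASN.1 tag number from the same octets. The function names, `TAG_ERROR` and the sample bytes are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdio.h>

#define TAG_ERROR ((unsigned long)-1)  /* error value chosen for this example */

/* Number of identifier octets at buf, or 0 if the input is truncated. */
static size_t ident_len(const unsigned char *buf, size_t len) {
    size_t i = 1;
    if (len == 0) return 0;
    if ((buf[0] & 0x1f) != 0x1f) return 1;   /* low-tag-number form */
    while (i < len)
        if (!(buf[i++] & 0x80)) return i;    /* bit 8 clear: last octet */
    return 0;
}

/* Identifier octets taken as a big-endian unsigned integer. */
unsigned long raw_tag(const unsigned char *buf, size_t len) {
    size_t n = ident_len(buf, len), i;
    unsigned long tag = 0;
    if (n == 0 || n > sizeof tag) return TAG_ERROR;
    for (i = 0; i < n; i++) tag = (tag << 8) | buf[i];
    return tag;
}

/* ASN.1 tag number: low 5 bits, or base-128 digits of the later octets. */
unsigned long asn1_tag_number(const unsigned char *buf, size_t len) {
    size_t n = ident_len(buf, len), i;
    unsigned long num = 0;
    if (n == 0) return TAG_ERROR;
    if (n == 1) return buf[0] & 0x1f;
    for (i = 1; i < n; i++) {
        if (num >> (sizeof num * 8 - 7)) return TAG_ERROR;  /* overflow */
        num = (num << 7) | (buf[i] & 0x7f);
    }
    return num;
}

/* Class and P/C bits sit in the first octet, i.e. the top used byte. */
unsigned class_pc_bits(unsigned long raw) {
    while (raw > 0xff) raw >>= 8;
    return (unsigned)(raw & 0xe0);
}

int main(void) {
    const unsigned char s[] = { 0x9f, 0x81, 0x01 };  /* constructed sample */
    printf("raw=0x%lx number=%lu\n", raw_tag(s, 3), asn1_tag_number(s, 3));
    return 0;
}
```

Because the first identifier octet ends up in the most significant used byte of the integer, `class_pc_bits` has to shift before masking, which is the inconvenience noted in the quoted reply.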