[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8516) TAG decoding incorrect when longer than 1 byte

Le 11/10/16 à 19:56, Hallvard Breien Furuseth a écrit :
> On 11. okt. 2016 18:10, elecharny@apache.org wrote:
>> IMO, the code that deal with tags in the lber decode.c
>> ber_tag_and_rest() method
>> is incorrectly decoding tags that are longer than 1 byte. (...)
> It's far too late to change the ASN.1 <-> integer mapping. liblber is
> widely used outside OpenLDAP, we don't know if we'd break something.
I think I overlooked the origial code. See later...

> As lber.h explains:
>  * ber_tag_t represents the identifier octets at the beginning of BER
>  * elements.  OpenLDAP treats them as mere big-endian unsigned integers.

Indeed. That means the method just grabs bytes without taking care of
the 'continuation' bits (ie the 7th bit if there are more bytes after),
and returns a long.
> I wish it had at least used little-endian so we could check the class
> and P/C bits with a simple '&' operation. Oh well.

Well, the way this function works make it hard to do so, I agree. OTOH,
it means this ITS can be closed, because it's based on a wrong
understanding on what this method does. It's not bugy, it's just doing
somethig different than what I was expecting.

Thanks !