From af9fc63c2cdf4d533e601fad6ef1d36fb3c72fa4 Mon Sep 17 00:00:00 2001 From: Artem Seleznev Date: Thu, 21 Aug 2025 12:29:36 +0300 Subject: [PATCH 1/3] Svace static analyzer fix --- v3/control.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/v3/control.go b/v3/control.go index 7f5d76c..a879e9d 100644 --- a/v3/control.go +++ b/v3/control.go @@ -673,6 +673,9 @@ func DecodeControl(packet *ber.Packet) (Control, error) { c := &ControlVChuPasswordMustChange{MustChange: true} return c, nil case ControlTypeVChuPasswordWarning: + if value == nil || value.Data == nil { + return nil, fmt.Errorf("invalid value for Control Type ControlTypeVChuPasswordWarning: %v", value) + } c := &ControlVChuPasswordWarning{Expire: -1} expireStr := ber.DecodeString(value.Data.Bytes()) From 7235d32921289c8fc14235257ac73f15d803a0d6 Mon Sep 17 00:00:00 2001 From: Artem Seleznev Date: Wed, 17 Sep 2025 10:19:58 +0300 Subject: [PATCH 2/3] Update control.go --- v3/control.go | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/v3/control.go b/v3/control.go index a879e9d..4c8d495 100644 --- a/v3/control.go +++ b/v3/control.go @@ -605,6 +605,9 @@ func DecodeControl(packet *ber.Packet) (Control, error) { case ControlTypeManageDsaIT: return NewControlManageDsaIT(Criticality), nil case ControlTypePaging: + if value == nil { + return nil, fmt.Errorf("nil value for Control Type ControlTypePaging") + } value.Description += " (Paging)" c := new(ControlPaging) if value.Value != nil { @@ -625,6 +628,9 @@ func DecodeControl(packet *ber.Packet) (Control, error) { value.Children[1].Value = c.Cookie return c, nil case ControlTypeBeheraPasswordPolicy: + if value == nil { + return nil, fmt.Errorf("nil value for Control Type ControlTypeBeheraPasswordPolicy") + } value.Description += " (Password Policy - Behera)" c := NewControlBeheraPasswordPolicy() if value.Value != nil { @@ -700,9 +706,15 @@ func DecodeControl(packet *ber.Packet) (Control, error) { case ControlTypeServerSideSortingResult: return NewControlServerSideSortingResult(value) case ControlTypeDirSync: + if value == nil { + return nil, fmt.Errorf("nil value for Control Type ControlTypeDirSync") + } value.Description += " (DirSync)" return NewResponseControlDirSync(value) case ControlTypeSyncState: + if value == nil { + return nil, fmt.Errorf("nil value for Control Type ControlTypeSyncState") + } value.Description += " (Sync State)" valueChildren, err := ber.DecodePacketErr(value.Data.Bytes()) if err != nil { @@ -710,6 +722,9 @@ func DecodeControl(packet *ber.Packet) (Control, error) { } return NewControlSyncState(valueChildren) case ControlTypeSyncDone: + if value == nil { + return nil, fmt.Errorf("nil value for Control Type ControlTypeSyncDone") + } value.Description += " (Sync Done)" valueChildren, err := ber.DecodePacketErr(value.Data.Bytes()) if err != nil { @@ -717,6 +732,9 @@ func DecodeControl(packet *ber.Packet) (Control, error) { } return NewControlSyncDone(valueChildren) case ControlTypeSyncInfo: + if value == nil { + return nil, fmt.Errorf("nil value for Control Type ControlTypeSyncInfo") + } value.Description += " (Sync Info)" valueChildren, err := ber.DecodePacketErr(value.Data.Bytes()) if err != nil { From 310ad6984e2a677c74a17c4bb53ae853802d61e7 Mon Sep 17 00:00:00 2001 From: Artem Seleznev Date: Thu, 18 Sep 2025 15:56:59 +0300 Subject: [PATCH 3/3] outofrange and nil dereference panics fix --- v3/control.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/v3/control.go b/v3/control.go index 4c8d495..944a7f5 100644 --- a/v3/control.go +++ b/v3/control.go @@ -929,6 +929,9 @@ func (c *ControlServerSideSorting) GetControlType() string { } func NewControlServerSideSorting(value *ber.Packet) (*ControlServerSideSorting, error) { + if value == nil || len(value.Children) < 2 { + return new(ControlServerSideSorting), nil + } sortKeys := []*SortKey{} val := value.Children[1].Children