Problem with Length check?

[trtracer]

Hi,

i use the ASN1 and LDAP lib to proxy between a Server and a Client. On both sides i had some Problems with some LDAP-Messages.

It seems the encoder/decoder did not continue with some messages because they were to short. It got stuck in BerEncoder.php in decodeLongDefiniteLength()

        if (($lengthOfLength + 1) > ($this->maxLen - $this->pos)) {
            throw new PartialPduException('Not enough data to decode the length.');
        }

In Wireshark everything looks okay.

It works when i remove the "+ 1" from the code.

Tobias

[ChadSikorra]

Did this start to occur after you recently updated the ldap or asn.1 library? I made some changes related to being able to handle SASL that might be related. A hex encoded sample of a message from Wireshark that caused issues might be helpful too (email it to me if it's sensitive / not test data). I will take a look either way to see if I'm over looking something in how that decoding works.

[trtracer]

Attaches please find a packet on which it stuck. I've cut out everything else. If you cannot reproduce it with this single packet let me know.

Cap1.zip

[ChadSikorra]

I still have to take a look at this. Have been pretty busy the past few days. Apologies for the delay. I really appreciate you taking the time to submit this issue though.

[ChadSikorra]

Thank you for the example packet. I was able to reproduce it easily with that. And indeed, looking at the logic there, that is a problem with checking the length of length against the max length minus the current position. I think I had added the "+ 1" to include the length of the tag value, but that is not needed. We only need to see if we have enough length from the current position onward. I'm surprised I have not stumbled across this sooner.

Anyway, I have pushed a fix, added a test, and tagged a new version. Please let me know if you still have any issues. And thanks again for the bug report.