Mailing List Archive

From:: Theo Buehler <tb@theobuehler.org>
Subject:: Re: relayd: missing NULL check for bsearch
To:: Jan Schreiber <jes@posteo.de>
Cc:: tech@openbsd.org
Date:: Thu, 2 Apr 2026 15:40:49 +0200

Download raw body.

Thread

2026-04-01 19:46 Jan Schreiber:
relayd: missing NULL check for bsearch
- 2026-04-02 13:40 Theo Buehler:
  relayd: missing NULL check for bsearch

On Wed, Apr 01, 2026 at 07:46:26PM +0000, Jan Schreiber wrote:
> Hi,
> 
> following bsearch call in relay_httperror_byid is missing a NULL check.

Committed, thanks.

The other important piece of information is whether the callers of
relay_httperror_byid() can handle the NULL return. There is one of
them and it can.


> The fix uses the same pattern as the other bsearch call.
> 
> Jan
> 
> diff --git usr.sbin/relayd/relay_http.c usr.sbin/relayd/relay_http.c
> index 056cd076171..aefc6157f77 100644
> --- usr.sbin/relayd/relay_http.c
> +++ usr.sbin/relayd/relay_http.c
> @@ -1388,11 +1388,12 @@ relay_httperror_byid(u_int id)
>         /* Set up key */
>         error.error_code = (int)id;
> 
> -       res = bsearch(&error, http_errors,
> +       if ((res = bsearch(&error, http_errors,
>             sizeof(http_errors) / sizeof(http_errors[0]) - 1,
> -           sizeof(http_errors[0]), relay_httperror_cmp);
> +           sizeof(http_errors[0]), relay_httperror_cmp)) != NULL)
> +               return (res->error_name);
> 
> -       return (res->error_name);
> +       return NULL;
>  }
>

2026-04-01 19:46 Jan Schreiber:
relayd: missing NULL check for bsearch
- 2026-04-02 13:40 Theo Buehler:
  relayd: missing NULL check for bsearch