From: Philipp <philipp+openbsd@bureaucracy.de>
Subject: aldap_parse: infinit loop when connection closed
To: tech@openbsd.org
Date: Mon, 19 Feb 2024 14:10:37 +0100

Hi

I noticed that aldap_parse() get stuck in an infinit loop when the fd is
closed. The read loop only breaks when successfull parse a message or
the read fails. But read() on a closed fd return 0 not -1. A patch is
attached.

Philipp

diff --git a/libexec/login_ldap/aldap.c b/libexec/login_ldap/aldap.c
index d5f5769f5d5..e1bd5c04600 100644
--- a/libexec/login_ldap/aldap.c
+++ b/libexec/login_ldap/aldap.c
@@ -369,7 +369,7 @@ aldap_parse(struct aldap *ldap)
 			} else
 				ret = read(ldap->fd, rbuf, sizeof(rbuf));
 
-			if (ret == -1) {
+			if (ret <= 0) {
 				goto parsefail;
 			}
 
diff --git a/usr.bin/ldap/aldap.c b/usr.bin/ldap/aldap.c
index aee14a62a7a..26ffd8a6055 100644
--- a/usr.bin/ldap/aldap.c
+++ b/usr.bin/ldap/aldap.c
@@ -369,7 +369,7 @@ aldap_parse(struct aldap *ldap)
 			} else
 				ret = read(ldap->fd, rbuf, sizeof(rbuf));
 
-			if (ret == -1) {
+			if (ret <= 0) {
 				goto parsefail;
 			}
 
diff --git a/usr.sbin/ypldap/aldap.c b/usr.sbin/ypldap/aldap.c
index 4efedbeffdb..6fb1c75cc61 100644
--- a/usr.sbin/ypldap/aldap.c
+++ b/usr.sbin/ypldap/aldap.c
@@ -405,7 +405,7 @@ aldap_parse(struct aldap *ldap)
 			} else
 				ret = read(ldap->fd, rbuf, sizeof(rbuf));
 
-			if (ret == -1) {
+			if (ret <= 0) {
 				goto parsefail;
 			}