sftp: check ParseAttributes return in RecvOpen

ejohnstown · padelsbach · commit e931db66683a · 2026-05-07T10:04:14.000-07:00
Set ret = WS_BAD_FILE_E and jump to cleanup on parse failure
instead of ignoring the return value.

Issue: CID 645982
diff --git a/src/wolfsftp.c b/src/wolfsftp.c
@@ -2069,7 +2069,12 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
     }
 
     /* @TODO handle attributes */
-    SFTP_ParseAttributes_buffer(ssh, &atr, data, &idx, maxSz);
+    if (SFTP_ParseAttributes_buffer(ssh, &atr, data, &idx, maxSz)
+            != WS_SUCCESS) {
+        ret = WS_BAD_FILE_E;
+        goto cleanup;
+    }
+
     if ((reason & WOLFSSH_FXF_READ) && (reason & WOLFSSH_FXF_WRITE)) {
         WLOG(WS_LOG_SFTP, "Opening file with WOLFSSH_O_RDWR");
         m |= WOLFSSH_O_RDWR;
@@ -2277,7 +2282,11 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
 
 #if 0
     /* @TODO handle attributes */
-    SFTP_ParseAttributes_buffer(ssh, &atr, data, &idx, maxSz);
+    if (SFTP_ParseAttributes_buffer(ssh, &atr, data, &idx, maxSz)
+            != WS_SUCCESS) {
+        ret  = WS_BAD_FILE_E;
+        goto cleanup;
+    }
 #endif
 
     if (reason & WOLFSSH_FXF_READ) {
