Corrupt error handling in dlp_VFSDirEntryEnumerate in dlp.c #9
Description
Because result is defined as unsigned, it will never be negative. So the code after if (result > 0) becomes always executed, even on negative error result from dlp_exec (sd, req, &res). So result should be defined signed int. Compare with similar function dlp_VFSVolumeEnumerate().
Additionally, the else part of the later if (result) will never be reached, as result will always be non-zero at this branch.
int
dlp_VFSDirEntryEnumerate(int sd, FileRef dirRefNum,
unsigned long *dirIterator, int *maxDirItems, struct VFSDirInfo *data)
{
unsigned int result,
[.....]
result = dlp_exec (sd, req, &res);
[.....]
if (result > 0) {
if (result) {
*dirIterator = get_long (DLP_RESPONSE_DATA (res, 0, 0));
entries = get_long (DLP_RESPONSE_DATA (res, 0, 4));
} else {
*dirIterator = vfsIteratorStop;
entries = 0;
}
[.....]