From 2ad37f4cc3d545149f680d6a8b0ff31e0ea84edc Mon Sep 17 00:00:00 2001
From: Erik Boasson <eb@ilities.com>
Date: Tue, 16 Apr 2024 07:40:06 +0200
Subject: [PATCH] Fix handling of empty second copy of PropertySeq

This changes the handling of PropertySeq and BinaryPropertySeq to always return the latest
one in the message.  Without this change a second (or later) empty sequence would be
ignored, but a second (or later) non-empty sequence would be returned.  The memory is
initialised to an empty sequence on allocation, so it doesn't affect the behaviour for the
first copy.  This matters insofar as being consistent with some other deserialization
functions matters.

Signed-off-by: Erik Boasson <eb@ilities.com>
---
 .../core/src/dds_security_serialize.c         | 40 +++++++++----------
 1 file changed, 18 insertions(+), 22 deletions(-)

diff --git a/src/security/core/src/dds_security_serialize.c b/src/security/core/src/dds_security_serialize.c
index 5f0b640bb5..1f0d9c7646 100644
--- a/src/security/core/src/dds_security_serialize.c
+++ b/src/security/core/src/dds_security_serialize.c
@@ -631,22 +631,20 @@ DDS_Security_Deserialize_PropertySeq(
        sequence is 4+1+(3 pad)+4+1 = 13 bytes.  Just use 8 because it is way faster
        and just as good for checking that the length value isn't completely ridiculous. */
     const uint32_t minpropsize = (uint32_t) (2 * sizeof (uint32_t));
-    int r = 1;
     uint32_t length;
-
     if (!DDS_Security_Deserialize_uint32_t(dser, &length)) {
         return 0;
-    } else if (length > dser->remain / minpropsize) {
+    }
+    if (length > dser->remain / minpropsize) {
         return 0;
-    } else if (length > 0) {
-        DDS_Security_PropertySeq_deinit(seq);
-        seq->_length = seq->_maximum = length;
-        seq->_buffer = DDS_Security_PropertySeq_allocbuf(seq->_length);
-        for (uint32_t i = 0; i < seq->_length && r; i++) {
-            r = DDS_Security_Deserialize_Property(dser, &seq->_buffer[i]);
-        }
     }
-
+    DDS_Security_PropertySeq_deinit(seq);
+    seq->_length = seq->_maximum = length;
+    seq->_buffer = (seq->_length == 0) ? NULL : DDS_Security_PropertySeq_allocbuf(seq->_length);
+    int r = 1;
+    for (uint32_t i = 0; i < seq->_length && r; i++) {
+        r = DDS_Security_Deserialize_Property(dser, &seq->_buffer[i]);
+    }
     return r;
 }
 
@@ -659,22 +657,20 @@ DDS_Security_Deserialize_BinaryPropertySeq(
        Just use 8 because it is way faster and just as good for checking that the length
        value isn't completely ridiculous. */
     const uint32_t minpropsize = (uint32_t) (2 * sizeof (uint32_t));
-    int r = 1;
     uint32_t length;
-
     if (!DDS_Security_Deserialize_uint32_t(dser, &length)) {
         return 0;
-    } else if (length > dser->remain / minpropsize) {
+    }
+    if (length > dser->remain / minpropsize) {
         return 0;
-    } else if (length > 0) {
-        DDS_Security_BinaryPropertySeq_deinit(seq);
-        seq->_length = seq->_maximum = length;
-        seq->_buffer = DDS_Security_BinaryPropertySeq_allocbuf(seq->_length);
-        for (uint32_t i = 0; i < seq->_length && r; i++) {
-            r = DDS_Security_Deserialize_BinaryProperty(dser, &seq->_buffer[i]);
-        }
     }
-
+    DDS_Security_BinaryPropertySeq_deinit(seq);
+    seq->_length = seq->_maximum = length;
+    seq->_buffer = (seq->_length == 0) ? NULL : DDS_Security_BinaryPropertySeq_allocbuf(seq->_length);
+    int r = 1;
+    for (uint32_t i = 0; i < seq->_length && r; i++) {
+        r = DDS_Security_Deserialize_BinaryProperty(dser, &seq->_buffer[i]);
+    }
     return r;
 }