From 5d9681c74743895529c3f427db617f25ea5525bd Mon Sep 17 00:00:00 2001
From: John Safranek
Date: Wed, 6 May 2026 12:00:46 -0700
Subject: [PATCH 1/2] sftp: check ParseAttributes return in RecvOpen
Set ret = WS_BAD_FILE_E and jump to cleanup on parse failure instead of ignoring the return value.
Issue: CID 645982
---
 src/wolfsftp.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/src/wolfsftp.c b/src/wolfsftp.c
index 3a7e4bceb..4b3a217dc 100644
--- a/src/wolfsftp.c
+++ b/src/wolfsftp.c
@@ -2069,7 +2069,12 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
 }
 /* @TODO handle attributes */
- SFTP_ParseAttributes_buffer(ssh, &atr, data, &idx, maxSz);
+ if (SFTP_ParseAttributes_buffer(ssh, &atr, data, &idx, maxSz)
+ != WS_SUCCESS) {
+ ret = WS_BAD_FILE_E;
+ goto cleanup;
+ }
+
 if ((reason & WOLFSSH_FXF_READ) && (reason & WOLFSSH_FXF_WRITE)) {
 WLOG(WS_LOG_SFTP, "Opening file with WOLFSSH_O_RDWR");
 m |= WOLFSSH_O_RDWR;
@@ -2277,7 +2282,11 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
 #if 0
 /* @TODO handle attributes */
- SFTP_ParseAttributes_buffer(ssh, &atr, data, &idx, maxSz);
+ if (SFTP_ParseAttributes_buffer(ssh, &atr, data, &idx, maxSz)
+ != WS_SUCCESS) {
+ ret = WS_BAD_FILE_E;
+ goto cleanup;
+ }
 #endif
 if (reason & WOLFSSH_FXF_READ) {
From 5c65962c3676d2d7a75a1a0c4da37f7f3895a1ec Mon Sep 17 00:00:00 2001
From: John Safranek
Date: Wed, 6 May 2026 12:19:45 -0700
Subject: [PATCH 2/2] sftp: check DoStatus return in DoName
Capture the return value, clear state unconditionally, and report parse failure or non-OK server status via ssh->error instead of discarding the result.
Issue: CID 572873
---
 src/wolfsftp.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/src/wolfsftp.c b/src/wolfsftp.c
index 4b3a217dc..f86e27ecc 100644
--- a/src/wolfsftp.c
+++ b/src/wolfsftp.c
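Review bot: The new failure branch after `SFTP_ParseAttributes_buffer` (first hunk, -2069) discards the parser's own return code in favour of `WS_BAD_FILE_E` and logs nothing, so a malformed attribute block sent by the peer looks the same as an ordinary file-open failure when someone reads the logs. Keeping the cause visible is cheap, for example `WLOG(WS_LOG_SFTP, "Error parsing attributes in open request");` placed before `ret = WS_BAD_FILE_E;`. The `cleanup` label and the rest of `wolfSSH_SFTP_RecvOpen` lie outside the hunk, so it is not visible whether that path still sends a status reply for `reqId`; that is worth confirming so a rejected request does not leave the client waiting. The `/* @TODO handle attributes */` comment above the call is now partly out of date and could say what remains to be done.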
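Review bot: The check added in the second hunk (-2277) sits between `#if 0` and `#endif`, so it is never compiled and this variant of `wolfSSH_SFTP_RecvOpen` still neither parses nor validates the attribute bytes of the open request. Neither `ret` nor a `cleanup` label is visible in the hunk, and the function starts and ends outside it; if either is missing in this variant, the block will not build when it is eventually enabled. A comment on the `#if 0` line, such as `/* request attributes are not parsed in this build; enable once handled */`, would record that the gap is known rather than fixed.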
@@ -6390,9 +6390,14 @@ static WS_SFTPNAME* wolfSSH_SFTP_DoName(WOLFSSH* ssh)
 }
 wolfSSH_SFTP_buffer_rewind(&state->buffer);
- wolfSSH_SFTP_DoStatus(ssh, reqId, &state->buffer);
- if (!NoticeError(ssh)) {
- wolfSSH_SFTP_ClearState(ssh, STATE_ID_NAME);
+ ret = wolfSSH_SFTP_DoStatus(ssh, reqId, &state->buffer);
+ wolfSSH_SFTP_ClearState(ssh, STATE_ID_NAME);
+ if (ret < 0) {
+ ssh->error = ret;
+ }
+ else if (ret != WOLFSSH_FTP_OK) {
+ WLOG(WS_LOG_SFTP, "SFTP server returned status %d", ret);
+ ssh->error = WS_SFTP_STATUS_NOT_OK;
 }
 return NULL;
 }
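Review bot: When `wolfSSH_SFTP_DoStatus` returns `WOLFSSH_FTP_OK`, the new code falls through to `return NULL;` without touching `ssh->error`, so a caller that inspects `ssh->error` after a NULL result reads whatever an earlier step left there. If that is intended, a comment on that path such as `/* status OK: no names to return, ssh->error left unchanged */` would make it explicit; otherwise the field should be set on that path too. The `ret < 0` branch also stores the error without a `WLOG` line, unlike the non-OK branch, so a status packet from the server that fails to parse leaves no trace in the SFTP log. The old code kept the state whenever `NoticeError(ssh)` was true; the commit message says the unconditional clear is deliberate, and a one-line comment saying why no retry can be pending at this point would help the next reader. The body of `wolfSSH_SFTP_DoName` starts outside the hunk, so the declaration of `ret` is not visible here.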