ITS#10185 autogroup: check for invalid memberURL filter

diff --git a/contrib/slapd-modules/autogroup/autogroup.c b/contrib/slapd-modules/autogroup/autogroup.c
index 3c40daf8efefd49be0c7f7313fafc86a91310d3e..2e1829be6e012533b22eed8f73d0815b22c98a87 100644 (file)
--- a/contrib/slapd-modules/autogroup/autogroup.c
+++ b/contrib/slapd-modules/autogroup/autogroup.c
@@ -684,6 +684,10 @@ autogroup_add_group( Operation *op, autogroup_info_t *agi, autogroup_def_t *agd,
                        if ( lud->lud_filter != NULL ) {
                                ber_str2bv( lud->lud_filter, 0, 1, &agf->agf_filterstr);
                                agf->agf_filter = str2filter( lud->lud_filter );
+                               if ( !agf->agf_filter ) {
+                                       Debug( LDAP_DEBUG_TRACE, "autogroup_add_group: URL filter is invalid <%s>\n", bv->bv_val );
+                                       goto cleanup;
+                               }
                        } else {
                                Debug( LDAP_DEBUG_TRACE, "autogroup_add_group: URL filter is missing <%s>\n", bv->bv_val );
                                /* FIXME: error? */