auth: Avoid assert-crash if returning ":default" passdb or userdb extra field

author Timo Sirainen <timo.sirainen@open-xchange.com>

Thu, 11 Sep 2025 12:25:25 +0000 (15:25 +0300)

committer aki.tuomi <aki.tuomi@open-xchange.com>

Sat, 20 Sep 2025 07:03:34 +0000 (07:03 +0000)
author Timo Sirainen <timo.sirainen@open-xchange.com>
Thu, 11 Sep 2025 12:25:25 +0000 (15:25 +0300)
committer aki.tuomi <aki.tuomi@open-xchange.com>
Sat, 20 Sep 2025 07:03:34 +0000 (07:03 +0000)
diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c

index aa249654be7616b3b63b3f7bd1267ef88b8669f6..d7dbd259263a5fd1cf96cbf23a6563e4f2bf0e7e 100644 (file)
--- a/src/auth/auth-request.c
+++ b/src/auth/auth-request.c
@@ -1998,6 +1998,8 @@ void auth_request_set_field(struct auth_request *request,
         if (name_len > 8 && strcmp(name+name_len-8, ":default") == 0) {
                 /* set this field only if it hasn't been set before */
                 name = t_strndup(name, name_len-8);
+               if (name[0] == '\0')
+                       return; /* ":default" is invalid */
                 if (auth_fields_exists(request->fields.extra_fields, name))
                         return;
         } else if (name_len > 7 && strcmp(name+name_len-7, ":remove") == 0) {
@@ -2228,6 +2230,8 @@ void auth_request_set_userdb_field(struct auth_request *request,
                 name = t_strndup(name, name_len-8);
                 if (auth_fields_exists(request->fields.userdb_reply, name))
                         return;
+               if (name[0] == '\0')
+                       return; /* ":default" is invalid */
         } else if (name_len > 7 && strcmp(name+name_len-7, ":remove") == 0) {
                 /* remove this field entirely */
                 name = t_strndup(name, name_len-7);
author	Timo Sirainen <timo.sirainen@open-xchange.com>
	Thu, 11 Sep 2025 12:25:25 +0000 (15:25 +0300)
committer	aki.tuomi <aki.tuomi@open-xchange.com>
	Sat, 20 Sep 2025 07:03:34 +0000 (07:03 +0000)