ITS#10370 libldap: don't assert on network input

author Howard Chu <hyc@openldap.org>

Wed, 23 Jul 2025 21:05:25 +0000 (22:05 +0100)

committer Quanah Gibson-Mount <quanah@openldap.org>

Mon, 8 Sep 2025 22:54:01 +0000 (22:54 +0000)
author Howard Chu <hyc@openldap.org>
Wed, 23 Jul 2025 21:05:25 +0000 (22:05 +0100)
committer Quanah Gibson-Mount <quanah@openldap.org>
Mon, 8 Sep 2025 22:54:01 +0000 (22:54 +0000)
diff --git a/libraries/libldap/result.c b/libraries/libldap/result.c

index 28b0e2f2cc9605f37fc0da4a9286b2ad4820a618..681c17662645db823759b9d2f132ecdfa815ef2c 100644 (file)
--- a/libraries/libldap/result.c
+++ b/libraries/libldap/result.c
@@ -998,14 +998,13 @@ nextresp2:
                         static struct berval    bv_nod = BER_BVC( LDAP_NOTICE_OF_DISCONNECTION );
                         struct berval           resoid = BER_BVNULL;
  
-                       if ( ber_scanf( &tmpber, "m", &resoid ) == LBER_ERROR ) {
+                       if (( ber_scanf( &tmpber, "m", &resoid ) == LBER_ERROR ) ||
+                               BER_BVISEMPTY( &resoid )) {
                                 ld->ld_errno = LDAP_DECODING_ERROR;
                                 ber_free( ber, 1 );
                                 return -1;
                         }
  
-                       assert( !BER_BVISEMPTY( &resoid ) );
-
                         is_nod = ber_bvcmp( &resoid, &bv_nod ) == 0;
  
                         tag = ber_peek_tag( &tmpber, &len );
author	Howard Chu <hyc@openldap.org>
	Wed, 23 Jul 2025 21:05:25 +0000 (22:05 +0100)
committer	Quanah Gibson-Mount <quanah@openldap.org>
	Mon, 8 Sep 2025 22:54:01 +0000 (22:54 +0000)