From: Howard Chu <hyc@openldap.org>
Date: Wed, 23 Jul 2025 21:05:25 +0000 (+0100)
Subject: ITS#10370 libldap: don't assert on network input
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a306fce8e44e36f1ebd692b045430faa2d15c7b1;p=thirdparty%2Fopenldap.git

ITS#10370 libldap: don't assert on network input
---

diff --git a/libraries/libldap/result.c b/libraries/libldap/result.c
index 28b0e2f2cc..681c176626 100644
--- a/libraries/libldap/result.c
+++ b/libraries/libldap/result.c
@@ -998,14 +998,13 @@ nextresp2:
 			static struct berval	bv_nod = BER_BVC( LDAP_NOTICE_OF_DISCONNECTION );
 			struct berval		resoid = BER_BVNULL;
 
-			if ( ber_scanf( &tmpber, "m", &resoid ) == LBER_ERROR ) {
+			if (( ber_scanf( &tmpber, "m", &resoid ) == LBER_ERROR ) ||
+				BER_BVISEMPTY( &resoid )) {
 				ld->ld_errno = LDAP_DECODING_ERROR;
 				ber_free( ber, 1 );
 				return -1;
 			}
 
-			assert( !BER_BVISEMPTY( &resoid ) );
-
 			is_nod = ber_bvcmp( &resoid, &bv_nod ) == 0;
 
 			tag = ber_peek_tag( &tmpber, &len );