From a306fce8e44e36f1ebd692b045430faa2d15c7b1 Mon Sep 17 00:00:00 2001 From: Howard Chu Date: Wed, 23 Jul 2025 22:05:25 +0100 Subject: [PATCH] ITS#10370 libldap: don't assert on network input --- libraries/libldap/result.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/libraries/libldap/result.c b/libraries/libldap/result.c index 28b0e2f2cc..681c176626 100644 --- a/libraries/libldap/result.c +++ b/libraries/libldap/result.c @@ -998,14 +998,13 @@ nextresp2: static struct berval bv_nod = BER_BVC( LDAP_NOTICE_OF_DISCONNECTION ); struct berval resoid = BER_BVNULL; - if ( ber_scanf( &tmpber, "m", &resoid ) == LBER_ERROR ) { + if (( ber_scanf( &tmpber, "m", &resoid ) == LBER_ERROR ) || + BER_BVISEMPTY( &resoid )) { ld->ld_errno = LDAP_DECODING_ERROR; ber_free( ber, 1 ); return -1; } - assert( !BER_BVISEMPTY( &resoid ) ); - is_nod = ber_bvcmp( &resoid, &bv_nod ) == 0; tag = ber_peek_tag( &tmpber, &len ); -- 2.47.3