Add check for the GPO link to have at least two attributes separated by semicolumn...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15877
RN: Fix handling of empty GPO link

Singed-off-by: Alex Sharov (kororland@gmail.com)
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jul 10 18:55:33 UTC 2025 on atb-devel-224

diff --git a/python/samba/gp/gpclass.py b/python/samba/gp/gpclass.py
index d86aacec13877e0611a7e14720e1816f24f8c009..07b4fb3e7bd06e5fcae8a12ef4144c2f7ca74365 100644 (file)
--- a/python/samba/gp/gpclass.py
+++ b/python/samba/gp/gpclass.py
@@ -673,8 +673,10 @@ class GP_LINK:
         self.gp_opts = int(gPOptions)
 
     def gpo_parse_gplink(self, gPLink):
         self.gp_opts = int(gPOptions)
 
     def gpo_parse_gplink(self, gPLink):

+        # normally formed link looks like [LDAP://host/path;options]
+        # empty link looks like [ ]

         for p in gPLink.decode().split(']'):
         for p in gPLink.decode().split(']'):

-            if not p:
+            if not p or ';' not in p:

                 continue
             log.debug('gpo_parse_gplink: processing link')
             p = p.lstrip('[')
                 continue
             log.debug('gpo_parse_gplink: processing link')
             p = p.lstrip('[')