From: Ondřej Kuzník <ondra@mistotebe.net>
Date: Mon, 7 Mar 2022 10:06:49 +0000 (+0000)
Subject: ITS#9803 Drop connection when receiving non-LDAP data
X-Git-Tag: OPENLDAP_REL_ENG_2_5_12~27
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=082ba67a0052adfc8a428f12a0ccbce86c0d2072;p=thirdparty%2Fopenldap.git

ITS#9803 Drop connection when receiving non-LDAP data
---

diff --git a/libraries/libldap/result.c b/libraries/libldap/result.c
index c1b4a457f0..40ff1c1722 100644
--- a/libraries/libldap/result.c
+++ b/libraries/libldap/result.c
@@ -506,6 +506,16 @@ nextresp3:
 		lc->lconn_ber = NULL;
 		break;
 
+	default:
+		/*
+		 * We read a BerElement that isn't LDAP or the stream has desync'd.
+		 * In either case, anything we read from now on is probably garbage,
+		 * just drop the connection.
+		 */
+		ber_free( ber, 1 );
+		lc->lconn_ber = NULL;
+		/* FALLTHRU */
+
 	case LBER_DEFAULT:
 fail:
 		err = sock_errno();
@@ -521,10 +531,6 @@ fail:
 		}
 		lc->lconn_status = 0;
 		return -1;
-
-	default:
-		ld->ld_errno = LDAP_LOCAL_ERROR;
-		return -1;
 	}
 
 	/* message id */