CVE-2022-2850 - Sync_repl may crash while managing invalid cookie (#5420) - Issue...
author tbordaz <tbordaz@redhat.com>
Thu, 18 Aug 2022 09:17:30 +0000 (11:17 +0200)
committer Andrej Shadura <andrewsh@debian.org>
Sun, 19 Jan 2025 12:30:31 +0000 (13:30 +0100)
commit 9ad2a57d213410f3a2ab89bd3f9b1dcdb767f235
tree 71f607b27725874469a0de093d0dc767e7422866
parent 4aa179339f804d46cdc899679f6ebb72318b8748
CVE-2022-2850 - Sync_repl may crash while managing invalid cookie (#5420) - Issue 5418

Bug description:
If the server receives an invalid cookie without separator '#',
it parses it into an empty cookie (Sync_Cookie) instead of a NULL
cookie (failure).
Later it sigsegv when using the empty cookie.

Fix description:
If the parsing fails return NULL

relates: #5418

Reviewed by: Viktor Ashirov, Mark Reynolds, William Brown, Simon
 Pichugin (thanks !)

Origin: backport, commit:513a763b551848e5532ec22bb0086464aa09252f

Gbp-Pq: Name CVE-2022-2850-Sync_repl-may-crash-with-invalid-cookie.patch
dirsrvtests/tests/suites/syncrepl_plugin/basic_test.py
ldap/servers/plugins/sync/sync_util.c
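
The commit message above describes a parser that handed back an empty cookie instead of NULL when the '#' separator was missing. As an added example (not the project's code and not part of this commit), the C parser below handles a hypothetical two-field cookie `signature#change_number` and allocates the result only after every field has validated, so a failure is always NULL. The names `demo_cookie`, `demo_cookie_parse`, the cookie layout and the sample inputs are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical two-field cookie "signature#change_number" (an assumption for
 * this example; it is not the project's Sync_Cookie layout). */
typedef struct {
    char *signature;         /* text before the '#' separator */
    unsigned long change_nr; /* decimal number after it */
} demo_cookie;

void demo_cookie_free(demo_cookie *c) {
    if (c) { free(c->signature); free(c); }
}

/* Returns a fully populated cookie, or NULL on any parse failure. The struct
 * is allocated only after every field has validated, so a caller can never
 * receive an "empty" cookie whose members are NULL. */
demo_cookie *demo_cookie_parse(const char *raw) {
    if (raw == NULL) return NULL;
    const char *sep = strchr(raw, '#');
    if (sep == NULL || sep == raw) return NULL;   /* missing separator or empty signature */
    const char *num = sep + 1;
    if (*num < '0' || *num > '9') return NULL;    /* strtoul would accept sign/whitespace */
    char *end = NULL;
    errno = 0;
    unsigned long n = strtoul(num, &end, 10);
    if (errno != 0 || *end != '\0') return NULL;  /* overflow or trailing bytes */

    demo_cookie *c = calloc(1, sizeof(*c));
    size_t len = (size_t)(sep - raw);
    if (c == NULL || (c->signature = malloc(len + 1)) == NULL) {
        free(c);
        return NULL;
    }
    memcpy(c->signature, raw, len);
    c->signature[len] = '\0';
    c->change_nr = n;
    return c;
}

int main(void) {
    /* Constructed sample inputs: one well-formed, three malformed. */
    const char *samples[] = { "srv.example:389#42", "no-separator", "#7", "srv#12x" };
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        demo_cookie *c = demo_cookie_parse(samples[i]);  /* check before any dereference */
        printf("%-20s -> %s\n", samples[i], c ? "accepted" : "rejected (NULL)");
        demo_cookie_free(c);
    }
    return 0;
}
```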