[PATCH] Issue 5418 - Sync_repl may crash while managing invalid cookie (#5420)

Bug description:
        If the servers receives an invalid cookie without separator '#',
        it parses it into an empty cookie (Sync_Cookie) instead of a NULL
        cookie (failure).
        Later it sigsegv when using the empty cookie.

Fix description:
        If the parsing fails return NULL

relates: #5418

Reviewed by: Viktor Ashirov, Mark Reynolds, William Brown, Simon Pichugin (thanks !)

Gbp-Pq: Name CVE-2022-2850.patch

diff --git a/ldap/servers/plugins/sync/sync_util.c b/ldap/servers/plugins/sync/sync_util.c
index 8c2c42d0db8dfbc21196aa6c9609adf2d2a7c039..73f003921638577403f80ca8a04e055649d2480f 100644 (file)
--- a/ldap/servers/plugins/sync/sync_util.c
+++ b/ldap/servers/plugins/sync/sync_util.c
@@ -546,6 +546,8 @@ sync_cookie_parse(char *cookie)
         } else {
             goto error_return;
         }
+    } else {
+            goto error_return;
     }
     return (sc);
 error_return: