ITS#9803 Drop connection when receiving non-LDAP data

2026-01-02 04:59:39 -05:00 · 2022-03-07 10:06:49 +00:00 · 2022-03-07 10:06:49 +00:00 · e8813b12b6
commit e8813b12b6
parent 34ebfac7ef
1 changed files with 10 additions and 4 deletions
--- a/libraries/libldap/result.c
+++ b/libraries/libldap/result.c
@ -506,6 +506,16 @@ nextresp3:
 		lc->lconn_ber = NULL;
 		break;

+	default:
+		/*
+		 * We read a BerElement that isn't LDAP or the stream has desync'd.
+		 * In either case, anything we read from now on is probably garbage,
+		 * just drop the connection.
+		 */
+		ber_free( ber, 1 );
+		lc->lconn_ber = NULL;
+		/* FALLTHRU */
+
 	case LBER_DEFAULT:
 fail:
 		err = sock_errno();
@ -521,10 +531,6 @@ fail:
 		}
 		lc->lconn_status = 0;
 		return -1;
-
-	default:
-		ld->ld_errno = LDAP_LOCAL_ERROR;
-		return -1;
 	}

 	/* message id */