Blame SOURCES/httpd-2.4.37-CVE-2021-26690.patch
|
|
295152 |
diff --git a/modules/session/mod_session.c b/modules/session/mod_session.c
|
|
|
295152 |
index 7ee477c..049255d 100644
|
|
|
295152 |
--- a/modules/session/mod_session.c
|
|
|
295152 |
+++ b/modules/session/mod_session.c
|
|
|
295152 |
@@ -404,8 +404,8 @@ static apr_status_t session_identity_decode(request_rec * r, session_rec * z)
|
|
|
295152 |
char *plast = NULL;
|
|
|
295152 |
const char *psep = "=";
|
|
|
295152 |
char *key = apr_strtok(pair, psep, &plast);
|
|
|
295152 |
- char *val = apr_strtok(NULL, psep, &plast);
|
|
|
295152 |
if (key && *key) {
|
|
|
295152 |
+ char *val = apr_strtok(NULL, sep, &plast);
|
|
|
295152 |
if (!val || !*val) {
|
|
|
295152 |
apr_table_unset(z->entries, key);
|
|
|
295152 |
}
|