From d3321558a57d4fb53c627b568adc832e639870dc Mon Sep 17 00:00:00 2001
From: Eric Covener <covener@apache.org>
Date: Mon, 6 Jan 2025 19:28:35 +0000
Subject: [PATCH] mod_session_dbd: set_cookie_name: ensure correct format

If args is an empty string, apr_strtok will return NULL and *last will never get set which results in a SIGSEGV in apr_isspace check

Submitted by: Thomas Meyer <thomas@m3y3r.de>

Github: closes #503

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1922931 13f79535-47bb-0310-9956-ffa450edef68
(cherry picked from commit 75facde270f0c082992341c0f71b4bb44a960a8f)
---
 modules/session/mod_session_dbd.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/modules/session/mod_session_dbd.c b/modules/session/mod_session_dbd.c
index f683da2172f..619addb7b69 100644
--- a/modules/session/mod_session_dbd.c
+++ b/modules/session/mod_session_dbd.c
@@ -571,6 +571,11 @@ static const char *set_cookie_name(cmd_parms * cmd, void *config, const char *ar
     char *line = apr_pstrdup(cmd->pool, args);
     session_dbd_dir_conf *conf = (session_dbd_dir_conf *) config;
     char *cookie = apr_strtok(line, " \t", &last);
+    if (!cookie) {
+        return apr_pstrcat(cmd->pool, cmd->directive->directive,
+                           " requires at least one argument!",
+                           NULL);
+    }
     conf->name = cookie;
     conf->name_set = 1;
     while (apr_isspace(*last)) {
@@ -586,6 +591,11 @@ static const char *set_cookie_name2(cmd_parms * cmd, void *config, const char *a
     char *line = apr_pstrdup(cmd->pool, args);
     session_dbd_dir_conf *conf = (session_dbd_dir_conf *) config;
     char *cookie = apr_strtok(line, " \t", &last);
+    if (!cookie) {
+        return apr_pstrcat(cmd->pool, cmd->directive->directive,
+                           " requires at least one argument!",
+                           NULL);
+    }
     conf->name2 = cookie;
     conf->name2_set = 1;
     while (apr_isspace(*last)) {