File apache2-CVE-2021-26690.patch of Package apache2.27541

diff --git a/modules/session/mod_session.c b/modules/session/mod_session.c
index a2b4a3e608b..01f41fe5d0f 100644
--- a/modules/session/mod_session.c
+++ b/modules/session/mod_session.c
@@ -413,8 +413,8 @@ static apr_status_t session_identity_decode(request_rec * r, session_rec * z)
         char *plast = NULL;
         const char *psep = "=";
         char *key = apr_strtok(pair, psep, &plast);
-        char *val = apr_strtok(NULL, psep, &plast);
         if (key && *key) {
+            char *val = apr_strtok(NULL, sep, &plast);
             if (!val || !*val) {
                 apr_table_unset(z->entries, key);
             }

openSUSE Build Service is sponsored by