fix CVE-2008-0658

Resolves: #432014
This commit is contained in:
Jan Šafránek 2008-02-08 14:21:30 +00:00
parent 97ea1d6494
commit 386e64b328

View File

@ -0,0 +1,20 @@
432013: CVE-2008-0658 openldap: slapd crash on modrdn operation with NOOP control on entry in bdb storage
Source: upstream,
http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358
http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197&r2=1.198
===================================================================
RCS file: /repo/OpenLDAP/pkg/ldap/servers/slapd/back-bdb/modify.c,v
retrieving revision 1.124.2.16
retrieving revision 1.124.2.17
--- servers/slapd/back-bdb/modrdn.c 2008/01/11 03:01:37 1.197
+++ servers/slapd/back-bdb/modrdn.c 2008/02/07 11:06:24 1.198
@@ -739,6 +739,8 @@
} else {
rs->sr_err = LDAP_X_NO_OPERATION;
ltid = NULL;
+ /* Only free attrs if they were dup'd. */
+ if ( dummy.e_attrs == e->e_attrs ) dummy.e_attrs = NULL;
goto return_results;
}