aboutsummaryrefslogtreecommitdiffstats
path: root/main/openldap/CVE-2015-1545.patch
blob: a642bed03b2ec9b7893b684d7f0c82776602924c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
From c32e74763f77675b9e144126e375977ed6dc562c Mon Sep 17 00:00:00 2001
From: Howard Chu <hyc@openldap.org>
Date: Mon, 19 Jan 2015 22:25:53 +0000
Subject: [PATCH] ITS#8027 require non-empty AttributeList

---
 servers/slapd/overlays/deref.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/servers/slapd/overlays/deref.c b/servers/slapd/overlays/deref.c
index 9420e3e..05aa890 100644
--- a/servers/slapd/overlays/deref.c
+++ b/servers/slapd/overlays/deref.c
@@ -183,7 +183,8 @@ deref_parseCtrl (
 		ber_len_t cnt = sizeof(struct berval);
 		ber_len_t off = 0;
 
-		if ( ber_scanf( ber, "{m{M}}", &derefAttr, &attributes, &cnt, off ) == LBER_ERROR )
+		if ( ber_scanf( ber, "{m{M}}", &derefAttr, &attributes, &cnt, off ) == LBER_ERROR
+			|| !cnt )
 		{
 			rs->sr_text = "Dereference control: derefSpec decoding error";
 			rs->sr_err = LDAP_PROTOCOL_ERROR;
-- 
1.7.10.4