431203: CVE-2007-6698 openldap: slapd crash on NOOP control operation on entry in bdb storage
Source: upstream, http://www.openldap.org/its/index.cgi/Software%20Bugs?id=4925
http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modify.c.diff?r1=1.124.2.16&r2=1.124.2.17&f=h
===================================================================
RCS file: /repo/OpenLDAP/pkg/ldap/servers/slapd/back-bdb/modify.c,v
retrieving revision 1.124.2.16
retrieving revision 1.124.2.17
diff -u -r1.124.2.16 -r1.124.2.17
--- servers/slapd/back-bdb/modify.c 2007/01/02 21:44:00 1.124.2.16
+++ servers/slapd/back-bdb/modify.c 2007/04/11 18:32:24 1.124.2.17
@@ -538,6 +538,8 @@
} else {
rs->sr_err = LDAP_X_NO_OPERATION;
ltid = NULL;
+ /* Only free attrs if they were dup'd. */
+ if ( dummy.e_attrs == e->e_attrs ) dummy.e_attrs = NULL;
goto return_results;
}
} else {