$OpenBSD: patch-servers_slapd_overlays_deref_c,v 1.2 2015/02/06 11:28:12 sthen Exp $

http://www.openldap.org/its/?findid=8027

From: Howard Chu <hyc@openldap.org>
Date: Mon, 19 Jan 2015 22:25:53 +0000 (+0000)
Subject: ITS#8027 require non-empty AttributeList
X-Git-Url: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff_plain;h=c32e74763f77675b9e144126e375977ed6dc562c

ITS#8027 require non-empty AttributeList

--- servers/slapd/overlays/deref.c.orig	Fri Sep 19 02:48:49 2014
+++ servers/slapd/overlays/deref.c	Fri Feb  6 11:11:42 2015
@@ -183,7 +183,8 @@ deref_parseCtrl (
 		ber_len_t cnt = sizeof(struct berval);
 		ber_len_t off = 0;
 
-		if ( ber_scanf( ber, "{m{M}}", &derefAttr, &attributes, &cnt, off ) == LBER_ERROR )
+		if ( ber_scanf( ber, "{m{M}}", &derefAttr, &attributes, &cnt, off ) == LBER_ERROR
+			|| !cnt )
 		{
 			rs->sr_text = "Dereference control: derefSpec decoding error";
 			rs->sr_err = LDAP_PROTOCOL_ERROR;
