$OpenBSD: patch-servers_slapd_dn_c,v 1.2 2011/01/07 10:24:30 pea Exp $

SECURITY FIX

Resolves CVE-2010-0211 and CVE-2010-0212 (ITS#6570)
from upstream


--- servers/slapd/dn.c.orig	Thu Jun 10 19:48:06 2010
+++ servers/slapd/dn.c	Tue Sep  7 15:11:59 2010
@@ -380,6 +380,10 @@ LDAPRDN_rewrite( LDAPRDN rdn, unsigned flags, void *ct
 		if (!ava->la_value.bv_len) {
 			return LDAP_INVALID_SYNTAX;
 		}
+		/* reject empty values */
+		if (!ava->la_value.bv_len) {
+			return LDAP_INVALID_SYNTAX;
+		}
 	}
 	rc = LDAP_SUCCESS;
 
