From 386e64b3281b335a53e6835ad6bb72fcee69eca2 Mon Sep 17 00:00:00 2001
From: Jan Šafránek <jsafrane@fedoraproject.org>
Date: Feb 08 2008 14:21:30 +0000
Subject: fix CVE-2008-0658

Resolves: #432014

---

diff --git a/openldap-2.3.27-modify-noop.patch b/openldap-2.3.27-modify-noop.patch
new file mode 100644
index 0000000..2f97656
--- /dev/null
+++ b/openldap-2.3.27-modify-noop.patch
@@ -0,0 +1,20 @@
+432013: CVE-2008-0658 openldap: slapd crash on modrdn operation with NOOP control on entry in bdb storage
+
+Source: upstream, 
+http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358
+http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197&r2=1.198
+
+===================================================================
+RCS file: /repo/OpenLDAP/pkg/ldap/servers/slapd/back-bdb/modify.c,v
+retrieving revision 1.124.2.16
+retrieving revision 1.124.2.17
+--- servers/slapd/back-bdb/modrdn.c     2008/01/11 03:01:37     1.197
++++ servers/slapd/back-bdb/modrdn.c     2008/02/07 11:06:24     1.198
+@@ -739,6 +739,8 @@
+ 		} else {
+ 			rs->sr_err = LDAP_X_NO_OPERATION;
+ 			ltid = NULL;
++			/* Only free attrs if they were dup'd.  */
++			if ( dummy.e_attrs == e->e_attrs ) dummy.e_attrs = NULL;
+ 			goto return_results;
+ 		}