Bugzilla 912964 - bug in handling of LDAPv3 control data
Bug Description:
If we receive an incorrect control, with non NULL bv_val but
bv_len=0, it can trigger a crash. This bug occurs because
of a call of openldap ber_init with such incorrect control.
Fix Description:
Before calling ber_init, check that the control lenght is not 0.
Note: checking in the patch on behalf of "Thierry bordaz"
<tbordaz@redhat.com>
https://bugzilla.redhat.com/show_bug.cgi?id=913228
Reviewed by: rmeggins@redhat.com, nhosoi@redhat.com
Platforms tested: Fedora 18, RHEL 6.4 (RHDS6.4)
Flag Day: no
Doc impact: possibly document a security bug