From 8d6fb9e625ab9ab60e8404b10a0fc2acde6abad3 Mon Sep 17 00:00:00 2001
From: Quanah Gibson-Mount <quanah@openldap.org>
Date: Thu, 5 Mar 2009 19:11:58 +0000
Subject: [PATCH] ITS#5976

---
 CHANGES                  | 1 +
 libraries/libldap/tls2.c | 5 +++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/CHANGES b/CHANGES
index d88a36de22..09326c4984 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,7 @@
 OpenLDAP 2.4 Change Log
 
 OpenLDAP 2.4.16 Engineering
+	Fixed libldap segfault in checking cert/DN (ITS#5976)
 
 OpenLDAP 2.4.15 Release (2009/02/24)
 	Fixed libldap alias dereferencing in C API again (ITS#5916)
diff --git a/libraries/libldap/tls2.c b/libraries/libldap/tls2.c
index ff2a2d2b52..69e6f609e8 100644
--- a/libraries/libldap/tls2.c
+++ b/libraries/libldap/tls2.c
@@ -872,8 +872,9 @@ ldap_pvt_tls_get_my_dn( void *s, struct berval *dn, LDAPDN_rewrite_dummy *func,
 	struct berval der_dn;
 	int rc;
 
-	tls_imp->ti_session_my_dn( session, &der_dn );
-	rc = ldap_X509dn2bv(&der_dn, dn, (LDAPDN_rewrite_func *)func, flags );
+	rc = tls_imp->ti_session_my_dn( session, &der_dn );
+	if ( rc == LDAP_SUCCESS )
+		rc = ldap_X509dn2bv(&der_dn, dn, (LDAPDN_rewrite_func *)func, flags );
 	return rc;
 }
 #endif /* HAVE_TLS */
-- 
GitLab