Add additional be_isroot() checks to protect against empty

root and client ndns.  (the existing backend protections
*should* be good enough, but one cannot be too safe)

diff --git a/servers/slapd/backend.c b/servers/slapd/backend.c
index 1ad03e506d7691d54f3a320d506eea3e44690d2a..9bdf4d29815286cebe158e9aa39d83c4e4f3e895 100644 (file)
--- a/servers/slapd/backend.c
+++ b/servers/slapd/backend.c
@@ -481,7 +481,11 @@ be_isroot( Backend *be, const char *ndn )
 {
        int rc;
 
-       if ( ndn == NULL || be->be_root_ndn == NULL ) {
+       if ( ndn == NULL || *ndn == '\0' ) {
+               return( 0 );
+       }
+
+       if ( be->be_root_ndn == NULL || *be->be_root_ndn == '\0' ) {
                return( 0 );
        }