From: Howard Chu <hyc@openldap.org>
Date: Thu, 6 Nov 2008 16:47:05 +0000 (+0000)
Subject: ITS#5794 NUL-terminate old pw before checking
X-Git-Tag: ACLCHECK_0~1148
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=8499581841233f23a82de8d16f5be34f8f3f5827;p=openldap

ITS#5794 NUL-terminate old pw before checking
---

diff --git a/servers/slapd/passwd.c b/servers/slapd/passwd.c
index 18d0bd2142..26a58a8782 100644
--- a/servers/slapd/passwd.c
+++ b/servers/slapd/passwd.c
@@ -228,8 +228,12 @@ int passwd_extop(
 		if ( rc == LDAP_SUCCESS && e ) {
 			Attribute *a = attr_find( e->e_attrs,
 				slap_schema.si_ad_userPassword );
-			if ( a )
+			if ( a ) {
+				char oldNul = qpw->rs_old.bv_val[qpw->rs_old.bv_len];
+				qpw->rs_old.bv_val[qpw->rs_old.bv_len] = 0;
 				rc = slap_passwd_check( op, e, a, &qpw->rs_old, &rs->sr_text );
+				qpw->rs_old.bv_val[qpw->rs_old.bv_len] = oldNul;
+			}
 			else
 				rc = 1;
 			be_entry_release_r( op, e );