summaryrefslogtreecommitdiff
path: root/source3/lib
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2003-02-01 05:20:11 +0000
committerAndrew Bartlett <abartlet@samba.org>2003-02-01 05:20:11 +0000
commitc2b134cc3b67d48961226cbfac6ea3a2fc7cc1a6 (patch)
tree3ca8971139282d99baed4a833162fc94c0f98911 /source3/lib
parent1454c1c99ab87e216dea1871b53c51ce7e548ba5 (diff)
downloadsamba-c2b134cc3b67d48961226cbfac6ea3a2fc7cc1a6.tar.gz
samba-c2b134cc3b67d48961226cbfac6ea3a2fc7cc1a6.tar.bz2
samba-c2b134cc3b67d48961226cbfac6ea3a2fc7cc1a6.zip
Always escape ldap filter strings. Escaping code was from pam_ldap, but I'm to
blame for the realloc() stuff. Plus a couple of minor updates to libads. Andrew Bartlett (This used to be commit 34b2e558a4b3cfd753339bb228a9799e27ed8170)
Diffstat (limited to 'source3/lib')
-rw-r--r--source3/lib/ldap_escape.c90
1 files changed, 90 insertions, 0 deletions
diff --git a/source3/lib/ldap_escape.c b/source3/lib/ldap_escape.c
new file mode 100644
index 0000000000..9e88b4999c
--- /dev/null
+++ b/source3/lib/ldap_escape.c
@@ -0,0 +1,90 @@
+/*
+ Unix SMB/CIFS implementation.
+ ldap filter argument escaping
+
+ Copyright (C) 1998, 1999, 2000 Luke Howard <lukeh@padl.com>,
+ Copyright (C) 2003 Andrew Bartlett <abartlet@samba.org>
+
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+/**
+ * Escape a parameter to an LDAP filter string, so they cannot contain
+ * embeded ( ) * or \ chars which may cause it not to parse correctly.
+ *
+ * @param s The input string
+ *
+ * @return A string allocated with malloc(), containing the escaped string,
+ * and to be free()ed by the caller.
+ **/
+
+char *escape_ldap_string_alloc(const char *s)
+{
+ size_t len = strlen(s)+1;
+ char *output = malloc(len);
+ char *output_tmp;
+ const char *sub;
+ int i = 0;
+ char *p = output;
+
+ while (*s)
+ {
+ switch (*s)
+ {
+ case '*':
+ sub = "\\2a";
+ break;
+ case '(':
+ sub = "\\28";
+ break;
+ case ')':
+ sub = "\\29";
+ break;
+ case '\\':
+ sub = "\\5c";
+ break;
+ default:
+ sub = NULL;
+ break;
+ }
+
+ if (sub) {
+ len = len + 3;
+ output_tmp = realloc(output, len);
+ if (!output_tmp) {
+ SAFE_FREE(output);
+ return NULL;
+ }
+ output = output_tmp;
+
+ p = &output[i];
+ strncpy (p, sub, 3);
+ p += 3;
+ i += 3;
+
+ } else {
+ *p = *s;
+ p++;
+ i++;
+ }
+ s++;
+ }
+
+ *p = '\0';
+ return output;
+}