author | Stephen Gallagher <sgallagh@redhat.com> | 2010-10-28 12:12:12 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-11-15 09:52:34 -0500 |
commit | ca92350db6ad6ac344181f7b8ec695eda29da675 (patch) | |
tree | a13639292904be7def057dd21127c768153669f5 /src/util | |
parent | a476bf85436d8a8195df1693db5b806a9c8f56bd (diff) | |
Add utility function to sanitize LDAP/LDB filters
Also adds a unit test.
Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/util.c | 52 | ||||
-rw-r--r-- | src/util/util.h | 11 |
2 files changed, 63 insertions, 0 deletions
diff --git a/src/util/util.c b/src/util/util.c
index 06eea283..772a8b73 100644
--- a/src/util/util.c
+++ b/src/util/util.c
@@ -515,3 +515,55 @@ errno_t sss_hash_create(TALLOC_CTX *mem_ctx,
 talloc_free(internal_ctx);
 return ret;
 }
+
+errno_t sss_filter_sanitize(TALLOC_CTX *mem_ctx,
+ const char *input,
+ char **sanitized)
+{
+ char *output;
+ size_t i = 0;
+ size_t j = 0;
+
+ /* Assume the worst-case. We'll resize it later, once */
+ output = talloc_array(mem_ctx, char, strlen(input) * 3 + 1);
+ if (!output) {
+ return ENOMEM;
+ }
+
+ while (input[i]) {
+ switch(input[i]) {
+ case '*':
+ output[j++] = '\\';
+ output[j++] = '2';
+ output[j++] = 'a';
+ break;
+ case '(':
+ output[j++] = '\\';
+ output[j++] = '2';
+ output[j++] = '8';
+ break;
+ case ')':
+ output[j++] = '\\';
+ output[j++] = '2';
+ output[j++] = '9';
+ break;
+ case '\\':
+ output[j++] = '\\';
+ output[j++] = '5';
+ output[j++] = 'c';
+ break;
+ default:
+ output[j++] = input[i];
+ }
+
+ i++;
+ }
+ output[j] = '\0';
+ *sanitized = talloc_realloc(mem_ctx, output, char, j+1);
+ if (!*sanitized) {
+ talloc_free(output);
+ return ENOMEM;
+ }
+
+ return EOK;
+}
diff --git a/src/util/util.h b/src/util/util.h
index e93f6f86..53a6b1c9 100644
--- a/src/util/util.h
+++ b/src/util/util.h
@@ -366,4 +366,15 @@ errno_t diff_string_lists(TALLOC_CTX *memctx,
 char ***string1_only,
 char ***string2_only,
 char ***both_strings);
+
+/* Sanitize an input string (e.g. a username) for use in
+ * an LDAP/LDB filter
+ * Returns a newly-constructed string attached to mem_ctx
+ * It will fail only on an out of memory condition, where it
+ * will return ENOMEM.
+ */
+errno_t sss_filter_sanitize(TALLOC_CTX *mem_ctx,
+ const char *input,
+ char **sanitized);
+
 #endif /* __SSSD_UTIL_H__ */ |
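Review bot: In `sss_filter_sanitize` (util.c), `strlen(input)` runs before any argument check, so a NULL `input`, or a NULL `sanitized` at the final store, crashes the caller instead of returning an error. A guard at the top such as `if (input == NULL || sanitized == NULL) return EINVAL;` would make that failure explicit, and the header comment's "fail only on an out of memory condition" would then need updating. The worst-case size `strlen(input) * 3 + 1` is also computed without an overflow check. That looks reachable only with an input longer than a third of `SIZE_MAX`, but a wrapped count would let the loop write past a short allocation, so `if (len > (SIZE_MAX - 1) / 3) return ENOMEM;` before `talloc_array` closes it. The escaped set (`*`, `(`, `)`, `\`) matches what RFC 4515 requires for a filter assertion value, apart from NUL, which a C string cannot carry.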
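Review bot: The comment above the `sss_filter_sanitize` prototype in util.h does not say which characters are escaped or where the result is safe to use, which is what a caller assembling a filter from user input needs to know. I would add `Escapes '*', '(', ')' and '\' as \2a, \28, \29 and \5c.` and `Apply to each value before it is inserted into a filter, never to a complete filter string; this is not DN escaping.` The comment should also state that `input` must be a non-NULL, NUL-terminated string, and that `*sanitized` does not point to a valid string when ENOMEM is returned.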