authorStephen Gallagher <sgallagh@redhat.com>2010-10-28 12:12:12 -0400
committerStephen Gallagher <sgallagh@redhat.com>2010-11-15 09:52:34 -0500
commitca92350db6ad6ac344181f7b8ec695eda29da675 (patch)
treea13639292904be7def057dd21127c768153669f5 /src/util
parenta476bf85436d8a8195df1693db5b806a9c8f56bd (diff)
Add utility function to sanitize LDAP/LDB filters
Also adds a unit test.
Diffstat (limited to 'src/util')
-rw-r--r--src/util/util.c52
-rw-r--r--src/util/util.h11
2 files changed, 63 insertions, 0 deletions
diff --git a/src/util/util.c b/src/util/util.c
index 06eea283..772a8b73 100644
--- a/src/util/util.c
+++ b/src/util/util.c
@@ -515,3 +515,55 @@ errno_t sss_hash_create(TALLOC_CTX *mem_ctx,
talloc_free(internal_ctx);
return ret;
}
+
+errno_t sss_filter_sanitize(TALLOC_CTX *mem_ctx,
+ const char *input,
+ char **sanitized)
+{
+ char *output;
+ size_t i = 0;
+ size_t j = 0;
+
+ /* Assume the worst-case. We'll resize it later, once */
+ output = talloc_array(mem_ctx, char, strlen(input) * 3 + 1);
+ if (!output) {
+ return ENOMEM;
+ }
+
+ while (input[i]) {
+ switch(input[i]) {
+ case '*':
+ output[j++] = '\\';
+ output[j++] = '2';
+ output[j++] = 'a';
+ break;
+ case '(':
+ output[j++] = '\\';
+ output[j++] = '2';
+ output[j++] = '8';
+ break;
+ case ')':
+ output[j++] = '\\';
+ output[j++] = '2';
+ output[j++] = '9';
+ break;
+ case '\\':
+ output[j++] = '\\';
+ output[j++] = '5';
+ output[j++] = 'c';
+ break;
+ default:
+ output[j++] = input[i];
+ }
+
+ i++;
+ }
+ output[j] = '\0';
+ *sanitized = talloc_realloc(mem_ctx, output, char, j+1);
+ if (!*sanitized) {
+ talloc_free(output);
+ return ENOMEM;
+ }
+
+ return EOK;
+}
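Review bot: `strlen(input) * 3 + 1` is computed with no overflow guard and `input` is dereferenced with no NULL check, so the worst-case sizing that keeps the escape loop in bounds depends entirely on the caller. A length above `(SIZE_MAX - 1) / 3` would wrap the element count and the loop would then write past the allocation. Because this helper exists to neutralise externally supplied values such as usernames, a check like `if (len > (SIZE_MAX - 1) / 3) return ENOMEM;` before `talloc_array` would close that gap while keeping the ENOMEM-only contract stated in util.h. A NULL `input` needs either an early return or a precondition spelled out in the header. The comment `We'll resize it later, once` also stops mid-sentence and should say that the buffer is shrunk to `j+1` after the loop.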
diff --git a/src/util/util.h b/src/util/util.h
index e93f6f86..53a6b1c9 100644
--- a/src/util/util.h
+++ b/src/util/util.h
@@ -366,4 +366,15 @@ errno_t diff_string_lists(TALLOC_CTX *memctx,
char ***string1_only,
char ***string2_only,
char ***both_strings);
+
+/* Sanitize an input string (e.g. a username) for use in
+ * an LDAP/LDB filter
+ * Returns a newly-constructed string attached to mem_ctx
+ * It will fail only on an out of memory condition, where it
+ * will return ENOMEM.
+ */
+errno_t sss_filter_sanitize(TALLOC_CTX *mem_ctx,
+ const char *input,
+ char **sanitized);
+
#endif /* __SSSD_UTIL_H__ */
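Review bot: The header comment does not say what "sanitize" covers, and a caller needs that to use the function safely. I would state that `*`, `(`, `)` and `\` are rewritten to `\2a`, `\28`, `\29` and `\5c`, and that the result is meant to be a single value inside a filter: passing a whole filter expression would escape its own parentheses, and the output is not DN escaping. It should also say that `input` must be a non-NULL NUL-terminated string. The failure case deserves a line too, since `*sanitized` is left untouched when the first allocation fails and set to NULL only when the shrink fails, so callers must not read it on a non-EOK return.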