diff options
Diffstat (limited to 'src/providers')
-rw-r--r-- | src/providers/ldap/sdap_async_accounts.c | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/src/providers/ldap/sdap_async_accounts.c b/src/providers/ldap/sdap_async_accounts.c index 648f9a73..5b6d3d74 100644 --- a/src/providers/ldap/sdap_async_accounts.c +++ b/src/providers/ldap/sdap_async_accounts.c @@ -3409,6 +3409,7 @@ errno_t save_rfc2307bis_user_memberships( { errno_t ret, tret; char *member_dn; + char *sanitized_dn; char *filter; const char **attrs; size_t reply_count, i; @@ -3447,12 +3448,18 @@ errno_t save_rfc2307bis_user_memberships( ret = ENOMEM; goto error; } + ret = sss_filter_sanitize(tmp_ctx, member_dn, &sanitized_dn); + if (ret != EOK) { + goto error; + } + talloc_free(member_dn); - filter = talloc_asprintf(tmp_ctx, "(member=%s)", member_dn); + filter = talloc_asprintf(tmp_ctx, "(member=%s)", sanitized_dn); if (!filter) { ret = ENOMEM; goto error; } + talloc_free(sanitized_dn); ret = sysdb_search_groups(tmp_ctx, state->sysdb, state->dom, filter, attrs, &reply_count, &replies); @@ -3874,6 +3881,7 @@ static errno_t rfc2307bis_nested_groups_update_sysdb( const char *name; bool in_transaction = false; char *member_dn; + char *sanitized_dn; char *filter; const char **attrs; size_t reply_count, i; @@ -3918,12 +3926,18 @@ static errno_t rfc2307bis_nested_groups_update_sysdb( goto error; } - filter = talloc_asprintf(tmp_ctx, "(member=%s)", member_dn); + ret = sss_filter_sanitize(tmp_ctx, member_dn, &sanitized_dn); + if (ret != EOK) { + goto error; + } + talloc_free(member_dn); + + filter = talloc_asprintf(tmp_ctx, "(member=%s)", sanitized_dn); if (!filter) { ret = ENOMEM; goto error; } - talloc_free(member_dn); + talloc_free(sanitized_dn); ret = sysdb_search_groups(tmp_ctx, state->sysdb, state->dom, filter, attrs, |