Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 : ldap filter argument escaping
4 :
5 : Copyright (C) 1998, 1999, 2000 Luke Howard <lukeh@padl.com>,
6 : Copyright (C) 2003 Andrew Bartlett <abartlet@samba.org>
7 :
8 :
9 : This program is free software; you can redistribute it and/or modify
10 : it under the terms of the GNU General Public License as published by
11 : the Free Software Foundation; either version 3 of the License, or
12 : (at your option) any later version.
13 :
14 : This program is distributed in the hope that it will be useful,
15 : but WITHOUT ANY WARRANTY; without even the implied warranty of
16 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 : GNU General Public License for more details.
18 :
19 : You should have received a copy of the GNU General Public License
20 : along with this program. If not, see <http://www.gnu.org/licenses/>.
21 : */
22 :
23 : #include "includes.h"
24 :
25 : /**
26 : * Escape a parameter to an LDAP filter string, so they cannot contain
27 : * embeded ( ) * or \ chars which may cause it not to parse correctly.
28 : *
29 : * @param s The input string
30 : *
31 : * @return A string allocated with talloc(), containing the escaped string,
32 : * and to be talloc_free()ed by the caller.
33 : **/
34 :
35 6 : char *escape_ldap_string(TALLOC_CTX *mem_ctx, const char *s)
36 : {
37 6 : size_t len = strlen(s)+1;
38 6 : char *output = talloc_array(mem_ctx, char, len);
39 : const char *sub;
40 6 : int i = 0;
41 6 : char *p = output;
42 :
43 6 : if (output == NULL) {
44 0 : return NULL;
45 : }
46 :
47 69 : while (*s)
48 : {
49 60 : switch (*s)
50 : {
51 0 : case '*':
52 0 : sub = "\\2a";
53 0 : break;
54 0 : case '(':
55 0 : sub = "\\28";
56 0 : break;
57 0 : case ')':
58 0 : sub = "\\29";
59 0 : break;
60 0 : case '\\':
61 0 : sub = "\\5c";
62 0 : break;
63 60 : default:
64 60 : sub = NULL;
65 60 : break;
66 : }
67 :
68 60 : if (sub) {
69 : char *tmp;
70 0 : len = len + 3;
71 0 : tmp = talloc_realloc(mem_ctx, output, char, len);
72 0 : if (tmp == NULL) {
73 0 : TALLOC_FREE(output);
74 0 : return NULL;
75 : }
76 0 : output = tmp;
77 :
78 0 : p = &output[i];
79 0 : memcpy(p, sub, 3);
80 0 : p += 3;
81 0 : i += 3;
82 :
83 : } else {
84 60 : *p = *s;
85 60 : p++;
86 60 : i++;
87 : }
88 60 : s++;
89 : }
90 :
91 6 : *p = '\0';
92 6 : return output;
93 : }
94 :
95 30 : char *escape_rdn_val_string_alloc(const char *s)
96 : {
97 : char *output, *p;
98 :
99 : /* The maximum size of the escaped string can be twice the actual size */
100 30 : output = (char *)SMB_MALLOC(2*strlen(s) + 1);
101 :
102 30 : if (output == NULL) {
103 0 : return NULL;
104 : }
105 :
106 30 : p = output;
107 :
108 409 : while (*s)
109 : {
110 362 : switch (*s)
111 : {
112 0 : case ',':
113 : case '=':
114 : case '+':
115 : case '<':
116 : case '>':
117 : case '#':
118 : case ';':
119 : case '\\':
120 : case '\"':
121 0 : *p++ = '\\';
122 0 : *p++ = *s;
123 0 : break;
124 362 : default:
125 362 : *p = *s;
126 362 : p++;
127 : }
128 :
129 362 : s++;
130 : }
131 :
132 30 : *p = '\0';
133 :
134 : /* resize the string to the actual final size */
135 30 : output = (char *)SMB_REALLOC(output, strlen(output) + 1);
136 30 : return output;
137 : }
|
