mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
ff7568daae
../source3/lib/ldap_escape.c: In function ‘escape_ldap_string’: ../source3/lib/ldap_escape.c:79:4: error: ‘strncpy’ output truncated before terminating nul copying 3 bytes from a string of the same length [-Werror=stringop-truncation] strncpy (p, sub, 3); ^~~~~~~~~~~~~~~~~~~ We concatenat and do not care about NUL-termination till the loop has finished. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
138 lines
2.5 KiB
C
138 lines
2.5 KiB
C
/*
|
|
Unix SMB/CIFS implementation.
|
|
ldap filter argument escaping
|
|
|
|
Copyright (C) 1998, 1999, 2000 Luke Howard <lukeh@padl.com>,
|
|
Copyright (C) 2003 Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
#include "includes.h"
|
|
|
|
/**
|
|
* Escape a parameter to an LDAP filter string, so they cannot contain
|
|
* embeded ( ) * or \ chars which may cause it not to parse correctly.
|
|
*
|
|
* @param s The input string
|
|
*
|
|
* @return A string allocated with talloc(), containing the escaped string,
|
|
* and to be talloc_free()ed by the caller.
|
|
**/
|
|
|
|
char *escape_ldap_string(TALLOC_CTX *mem_ctx, const char *s)
|
|
{
|
|
size_t len = strlen(s)+1;
|
|
char *output = talloc_array(mem_ctx, char, len);
|
|
const char *sub;
|
|
int i = 0;
|
|
char *p = output;
|
|
|
|
if (output == NULL) {
|
|
return NULL;
|
|
}
|
|
|
|
while (*s)
|
|
{
|
|
switch (*s)
|
|
{
|
|
case '*':
|
|
sub = "\\2a";
|
|
break;
|
|
case '(':
|
|
sub = "\\28";
|
|
break;
|
|
case ')':
|
|
sub = "\\29";
|
|
break;
|
|
case '\\':
|
|
sub = "\\5c";
|
|
break;
|
|
default:
|
|
sub = NULL;
|
|
break;
|
|
}
|
|
|
|
if (sub) {
|
|
char *tmp;
|
|
len = len + 3;
|
|
tmp = talloc_realloc(mem_ctx, output, char, len);
|
|
if (tmp == NULL) {
|
|
TALLOC_FREE(output);
|
|
return NULL;
|
|
}
|
|
output = tmp;
|
|
|
|
p = &output[i];
|
|
memcpy(p, sub, 3);
|
|
p += 3;
|
|
i += 3;
|
|
|
|
} else {
|
|
*p = *s;
|
|
p++;
|
|
i++;
|
|
}
|
|
s++;
|
|
}
|
|
|
|
*p = '\0';
|
|
return output;
|
|
}
|
|
|
|
char *escape_rdn_val_string_alloc(const char *s)
|
|
{
|
|
char *output, *p;
|
|
|
|
/* The maximum size of the escaped string can be twice the actual size */
|
|
output = (char *)SMB_MALLOC(2*strlen(s) + 1);
|
|
|
|
if (output == NULL) {
|
|
return NULL;
|
|
}
|
|
|
|
p = output;
|
|
|
|
while (*s)
|
|
{
|
|
switch (*s)
|
|
{
|
|
case ',':
|
|
case '=':
|
|
case '+':
|
|
case '<':
|
|
case '>':
|
|
case '#':
|
|
case ';':
|
|
case '\\':
|
|
case '\"':
|
|
*p++ = '\\';
|
|
*p++ = *s;
|
|
break;
|
|
default:
|
|
*p = *s;
|
|
p++;
|
|
}
|
|
|
|
s++;
|
|
}
|
|
|
|
*p = '\0';
|
|
|
|
/* resize the string to the actual final size */
|
|
output = (char *)SMB_REALLOC(output, strlen(output) + 1);
|
|
return output;
|
|
}
|