LCOV - code coverage report
Current view: top level - source3/lib - ldap_escape.c (source / functions) Hit Total Coverage
Test: coverage report for fix-15632 9995c5c2 Lines: 31 62 50.0 %
Date: 2024-04-13 12:30:31 Functions: 2 2 100.0 %

          Line data    Source code
       1             : /* 
       2             :    Unix SMB/CIFS implementation.
       3             :    ldap filter argument escaping
       4             : 
       5             :    Copyright (C) 1998, 1999, 2000 Luke Howard <lukeh@padl.com>,
       6             :    Copyright (C) 2003 Andrew Bartlett <abartlet@samba.org>
       7             : 
       8             :   
       9             :    This program is free software; you can redistribute it and/or modify
      10             :    it under the terms of the GNU General Public License as published by
      11             :    the Free Software Foundation; either version 3 of the License, or
      12             :    (at your option) any later version.
      13             :    
      14             :    This program is distributed in the hope that it will be useful,
      15             :    but WITHOUT ANY WARRANTY; without even the implied warranty of
      16             :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      17             :    GNU General Public License for more details.
      18             :    
      19             :    You should have received a copy of the GNU General Public License
      20             :    along with this program.  If not, see <http://www.gnu.org/licenses/>.
      21             : */
      22             : 
      23             : #include "includes.h"
      24             : 
      25             : /**
      26             :  * Escape a parameter to an LDAP filter string, so they cannot contain
      27             :  * embedded ( ) * or \ chars which may cause it not to parse correctly.
      28             :  *
      29             :  * @param s The input string
      30             :  *
      31             :  * @return A string allocated with talloc(), containing the escaped string,
      32             :  * and to be talloc_free()ed by the caller.
      33             :  **/
      34             : 
      35           8 : char *escape_ldap_string(TALLOC_CTX *mem_ctx, const char *s)
      36             : {
      37           8 :         size_t len = strlen(s)+1;
      38           8 :         char *output = talloc_array(mem_ctx, char, len);
      39           0 :         const char *sub;
      40           8 :         int i = 0;
      41           8 :         char *p = output;
      42             : 
      43           8 :         if (output == NULL) {
      44           0 :                 return NULL;
      45             :         }
      46             : 
      47         132 :         while (*s)
      48             :         {
      49         124 :                 switch (*s)
      50             :                 {
      51           0 :                 case '*':
      52           0 :                         sub = "\\2a";
      53           0 :                         break;
      54           0 :                 case '(':
      55           0 :                         sub = "\\28";
      56           0 :                         break;
      57           0 :                 case ')':
      58           0 :                         sub = "\\29";
      59           0 :                         break;
      60           0 :                 case '\\':
      61           0 :                         sub = "\\5c";
      62           0 :                         break;
      63         124 :                 default:
      64         124 :                         sub = NULL;
      65         124 :                         break;
      66             :                 }
      67             : 
      68         124 :                 if (sub) {
      69           0 :                         char *tmp;
      70           0 :                         len = len + 3;
      71           0 :                         tmp = talloc_realloc(mem_ctx, output, char, len);
      72           0 :                         if (tmp == NULL) {
      73           0 :                                 TALLOC_FREE(output);
      74           0 :                                 return NULL;
      75             :                         }
      76           0 :                         output = tmp;
      77             : 
      78           0 :                         p = &output[i];
      79           0 :                         memcpy(p, sub, 3);
      80           0 :                         p += 3;
      81           0 :                         i += 3;
      82             : 
      83             :                 } else {
      84         124 :                         *p = *s;
      85         124 :                         p++;
      86         124 :                         i++;
      87             :                 }
      88         124 :                 s++;
      89             :         }
      90             : 
      91           8 :         *p = '\0';
      92           8 :         return output;
      93             : }
      94             : 
      95          64 : char *escape_rdn_val_string_alloc(const char *s)
      96             : {
      97           0 :         char *output, *p;
      98             : 
      99             :         /* The maximum size of the escaped string can be twice the actual size */
     100          64 :         output = (char *)SMB_MALLOC(2*strlen(s) + 1);
     101             : 
     102          64 :         if (output == NULL) {
     103           0 :                 return NULL;
     104             :         }
     105             : 
     106          64 :         p = output;
     107             : 
     108         780 :         while (*s)
     109             :         {
     110         716 :                 switch (*s)
     111             :                 {
     112           0 :                 case ',':
     113             :                 case '=':
     114             :                 case '+':
     115             :                 case '<':
     116             :                 case '>':
     117             :                 case '#':
     118             :                 case ';':
     119             :                 case '\\':
     120             :                 case '\"':
     121           0 :                         *p++ = '\\';
     122           0 :                         *p++ = *s;
     123           0 :                         break;
     124         716 :                 default:
     125         716 :                         *p = *s;
     126         716 :                         p++;
     127             :                 }
     128             : 
     129         716 :                 s++;
     130             :         }
     131             : 
     132          64 :         *p = '\0';
     133             : 
     134             :         /* resize the string to the actual final size */
     135          64 :         output = (char *)SMB_REALLOC(output, strlen(output) + 1);
     136          64 :         return output;
     137             : }

Generated by: LCOV version 1.14