Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/nslcd
diff options
context:
space:
mode:
authorArthur de Jong <arthur@arthurdejong.org>2009-11-01 15:40:45 +0100
committerArthur de Jong <arthur@arthurdejong.org>2009-11-01 15:40:45 +0100
commit37dfc03f1b54451bda18671bd9d569caa4f85c57 (patch)
tree55e4f69cb4f5416ed2a37b3f3785b639470279e4 /nslcd
parent3fa81153e6374c6d37ce9b5343d5d944f709dba7 (diff)
also do proper escaping in mkfilter_group_bymember()
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1013 ef36b2f9-881f-0410-afb5-c4e39611909c
Diffstat (limited to 'nslcd')
-rw-r--r--nslcd/group.c22
1 files changed, 15 insertions, 7 deletions
diff --git a/nslcd/group.c b/nslcd/group.c
index 0558651..e89efa8 100644
--- a/nslcd/group.c
+++ b/nslcd/group.c
@@ -109,19 +109,27 @@ static int mkfilter_group_bymember(MYLDAP_SESSION *session,
char *buffer,size_t buflen)
{
char buf[80],*dn;
+ char safeuid[80];
+ char safedn[1024];
+ /* escape attribute */
+ if(myldap_escape(uid,safeuid,sizeof(safeuid)))
+ return -1;
/* try to translate uid to DN */
dn=uid2dn(session,uid,buf,sizeof(buf));
if (dn==NULL)
return mysnprintf(buffer,buflen,
"(&%s(%s=%s))",
group_filter,
- attmap_group_memberUid,uid);
- else /* also lookup using user DN */
- return mysnprintf(buffer,buflen,
- "(&%s(|(%s=%s)(%s=%s)))",
- group_filter,
- attmap_group_memberUid,uid,
- attmap_group_uniqueMember,dn);
+ attmap_group_memberUid,safeuid);
+ /* escape DN */
+ if(myldap_escape(dn,safedn,sizeof(safedn)))
+ return -1;
+ /* also lookup using user DN */
+ return mysnprintf(buffer,buflen,
+ "(&%s(|(%s=%s)(%s=%s)))",
+ group_filter,
+ attmap_group_memberUid,safeuid,
+ attmap_group_uniqueMember,safedn);
}
void group_init(void)